malware, virus...???

#0
27.01.2006, 14:15
Member

Beiträge: 25
#1 ich denke ich habe viren oder sowas mein pc is etwas langsamer als sonst un ständig öfnen sich solche fenster mit werbung...
Seitenanfang Seitenende
27.01.2006, 15:35
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 und ...was soll ich mit diesem Hilferuf anfangen???

Glaskugel an:

Hijackthis
http://computercops.biz/zx/Merijn/hijackthis.zip
http://virus-protect.org/hjtkurz.html
Lade/entpacke HijackThis in einem Ordner
--> None of the above just start the program --> Save--> Savelog -->es öffnet sich der Editor
nun das KOMPLETTE Log mit rechtem Mausklick abkopieren und ins Forum mit rechtem Mausklick "einfügen"

Glaskugel aus
;)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
27.01.2006, 17:02
Member

Themenstarter

Beiträge: 25
#3 Logfile of HijackThis v1.99.1
Scan saved at 17:01:13, on 27.01.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\programme\steam\steam.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\FRITZ!DSL\StCenter.exe
C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Xfire\Xfire.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\Winamp\winamp.exe
C:\Programme\Teamspeak2_RC2\TeamSpeak.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Manuel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Programme\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Programme\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Programme\Save\Save.exe"
O4 - Startup: Xfire.lnk = C:\Programme\Xfire\Xfire.exe
O4 - Global Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/sites/winfixer.com/www/pages/scanner_de/WinFixer2005ScannerInstallDE.cab

O18 - Protocol: bw+0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

hier is es ;)
Seitenanfang Seitenende
27.01.2006, 18:34
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#4 Meverick

Oben auf der Seite --> auf Durchsuchen klicken --> Datei aussuchen --> Doppelklick auf die zu prüfende Datei --> klick auf Submit... jetzt abwarten --> kopiere das Ergebnis in das Sicherheitsforum
http://www.virustotal.com/flash/index_en.html

C:\WINDOWS\System32\sw20.exe
C:\WINDOWS\System32\sw24.exe

------------------------------------------------------------------------

Registry Search Tool
http://www.billsway.com/vbspage/vbsfiles/RegSrch.zip
eventuelle Meldung vom Virenscanner --- > warnmeldung:bösartiges skript entdeckt --> ignorieren

Doppelklick:regsrch.vbs
reinkopieren:

{F919FBD3-A96B-4679-AF26-F551439BB5FD}

Press 'OK'
warten, bis die Suche beendet ist. (Ergebnis bitte posten)

Doppelklick:regsrch.vbs
reinkopieren:

WhenUSave

Press 'OK'
warten, bis die Suche beendet ist. (Ergebnis bitte posten)

Doppelklick:regsrch.vbs
reinkopieren:

WinFixer2005

Press 'OK'
warten, bis die Suche beendet ist. (Ergebnis bitte posten)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
27.01.2006, 20:44
Member

Themenstarter

Beiträge: 25
#5 REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "{F919FBD3-A96B-4679-AF26-F551439BB5FD}" 27.01.2006 20:42:25

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F919FBD3-A96B-4679-AF26-F551439BB5FD}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F919FBD3-A96B-4679-AF26-F551439BB5FD}\AvailableVersion]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F919FBD3-A96B-4679-AF26-F551439BB5FD}\DownloadInformation]



___________________________________________________________________
REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "WhenUSave" 27.01.2006 20:43:25

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhenUSaveMsg]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave\Partners]

[HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave\Partners\EEPE]

[HKEY_USERS\S-1-5-21-1708537768-1482476501-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"WhenUSave"="\"C:\\Programme\\Save\\Save.exe\""


___________________________________________________________________
REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "WinFixer2005" 27.01.2006 20:44:13

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F919FBD3-A96B-4679-AF26-F551439BB5FD}\DownloadInformation]
"CODEBASE"="http://locator1.cdn.imagesrvr.com/sites/winfixer.com/www/pages/scanner_de/WinFixer2005ScannerInstallDE.cab"

hier ist alles hoffe ich habe alles richtig
Seitenanfang Seitenende
28.01.2006, 00:30
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#6 Oben auf der Seite --> auf Durchsuchen klicken --> Datei aussuchen --> Doppelklick auf die zu prüfende Datei --> klick auf Submit... jetzt abwarten --> kopiere das Ergebnis in das Sicherheitsforum
http://www.virustotal.com/flash/index_en.html

C:\WINDOWS\System32\sw20.exe
C:\WINDOWS\System32\sw24.exe
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
28.01.2006, 16:45
Member

Themenstarter

Beiträge: 25
#7 This is a report processed by VirusTotal on 01/28/2006 at 16:43:00 (CET) after scanning the file "sw20.exe" file.

Antivirus Version Update Result
AntiVir 6.33.0.81 01.28.2006 no virus found
Avast 4.6.695.0 01.27.2006 no virus found
AVG 718 01.27.2006 no virus found
Avira 6.33.0.81 01.27.2006 no virus found
BitDefender 7.2 01.28.2006 no virus found
CAT-QuickHeal 8.00 01.27.2006 no virus found
ClamAV devel-20051123 01.28.2006 no virus found
DrWeb 4.33 01.28.2006 no virus found
eTrust-InoculateIT 23.71.62 01.28.2006 no virus found
eTrust-Vet 12.4.2058 01.27.2006 no virus found
Ewido 3.5 01.28.2006 no virus found
Fortinet 2.54.0.0 01.28.2006 no virus found
F-Prot 3.16c 01.28.2006 no virus found
Ikarus 0.2.59.0 01.27.2006 no virus found
Kaspersky 4.0.2.24 01.28.2006 no virus found
McAfee 4684 01.27.2006 no virus found
NOD32v2 1.1385 01.28.2006 no virus found
Norman 5.70.10 01.27.2006 no virus found
Panda 9.0.0.4 01.28.2006 no virus found
Sophos 4.02.0 01.28.2006 no virus found
Symantec 8.0 01.28.2006 no virus found
TheHacker 5.9.3.082 01.27.2006 no virus found
UNA 1.83 01.27.2006 no virus found
VBA32 3.10.5 01.28.2006 no virus found

____________________________________________________________
his is a report processed by VirusTotal on 01/28/2006 at 16:46:25 (CET) after scanning the file "sw24.exe" file.

Antivirus Version Update Result
AntiVir 6.33.0.81 01.28.2006 no virus found
Avast 4.6.695.0 01.27.2006 no virus found
AVG 718 01.27.2006 no virus found
Avira 6.33.0.81 01.27.2006 no virus found
BitDefender 7.2 01.28.2006 no virus found
CAT-QuickHeal 8.00 01.27.2006 no virus found
ClamAV devel-20051123 01.28.2006 no virus found
DrWeb 4.33 01.28.2006 no virus found
eTrust-InoculateIT 23.71.62 01.28.2006 no virus found
eTrust-Vet 12.4.2058 01.27.2006 no virus found
Ewido 3.5 01.28.2006 no virus found
Fortinet 2.54.0.0 01.28.2006 no virus found
F-Prot 3.16c 01.28.2006 no virus found
Ikarus 0.2.59.0 01.27.2006 no virus found
Kaspersky 4.0.2.24 01.28.2006 no virus found
McAfee 4684 01.27.2006 no virus found
NOD32v2 1.1385 01.28.2006 no virus found
Norman 5.70.10 01.27.2006 no virus found
Panda 9.0.0.4 01.28.2006 no virus found
Sophos 4.02.0 01.28.2006 no virus found
Symantec 8.0 01.28.2006 no virus found
TheHacker 5.9.3.082 01.27.2006 no virus found
UNA 1.83 01.27.2006 no virus found
VBA32 3.10.5 01.28.2006 no virus found
Seitenanfang Seitenende
28.01.2006, 17:31
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#8 Meverick

Gehe in die Registry
Start-->Ausfuehren--> regedit

bearbeiten--> suchen--> WhenUSave


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhenUSaveMsg]<--loeschen
[HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave]<--loeschen

bearbeiten--> suchen
--> {F919FBD3-A96B-4679-AF26-F551439BB5FD}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F919FBD3-A96B-4679-AF26-F551439BB5FD}---> loeschen

---------------------------------------------------------------------------------------
öffne das HijackThis -- Button "scan" -- vor die Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten

O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:\Programme\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:\Programme\BitComet Toolbar\v2.0.0.1\BitComet_Toolbar.dll

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - HKCU\..\Run: [WhenUSave] "C:\Programme\Save\Save.exe"

O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/sites/winfixer.com/www/pages/scanner_de/WinFixer2005ScannerInstallDE.cab

O18 - Protocol: bw+0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F75DFC6D-DA93-4800-BD2D-17984CC01846} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

pc neustarten

deinstallieren:
WhenUSave
BitComet Toolbar

loeschen:
C:\Programme\Save

stelle den Cleaner genauso ein, wie hier angegeben:
http://virus-protect.org/cleanup.html

Counterspy
http://virus-protect.org/counterspy.html
nach dem Scan muss man sich entscheiden für:
*Ignore
*Remove
*Quarantaine
wähle immer Remove und starte den PC neu (dann kopiere den Scanreport ab und ins Sicherheitsforum)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
29.01.2006, 20:02
Member

Themenstarter

Beiträge: 25
#9 Spyware Scan Details
Start Date: 29.01.2006 05:14:06
End Date: 29.01.2006 05:40:00
Total Time: 25 mins 54 secs

Detected spyware

BearShare P2P more information...
Details: BearShare is a file sharing network. The free version installs a number of known spyware and adware programs.
Status: Deleted

Infected files detected
c:\programme\bearshare\bearshare.dat
c:\programme\bearshare\bearshare.exe
c:\programme\bearshare\bsidle.dll
c:\programme\bearshare\freepeers.ini
c:\programme\bearshare\history.txt
c:\programme\bearshare\install.log
c:\programme\bearshare\runmsc.dll
c:\programme\bearshare\unwise.exe
c:\programme\bearshare\unwise.ini
c:\programme\bearshare\webstats.bat
c:\programme\bearshare\webstats.exe
c:\programme\bearshare\webstats.ini
c:\programme\bearshare\db\config.bin
c:\programme\bearshare\db\connect.txt
c:\programme\bearshare\db\gwebcache.dat
c:\programme\bearshare\db\hostiles-chat.txt
c:\programme\bearshare\db\hostiles.txt
c:\programme\bearshare\db\library.2.db
c:\programme\bearshare\db\library.db
c:\programme\bearshare\db\searches.ini
c:\programme\bearshare\installer\bsinstallde.exe
c:\programme\bearshare\logs\hosts-state.txt
c:\programme\bearshare\logs\memory.txt
c:\programme\bearshare\logs\ordinal.txt
c:\programme\bearshare\logs\streams.txt
c:\programme\bearshare\sounds\notify.wav

Infected registry entries detected
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 C:\Programme\BearShare\RunMSC.dll
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\ProgID RunMSC.Loader.1
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905}
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\VersionIndependentProgID RunMSC.Loader
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} Loader Class
HKEY_CLASSES_ROOT\gnufile
HKEY_CLASSES_ROOT\gnufile\shell\open\command "C:\Programme\BearShare\BearShare.exe" "%1"
HKEY_CLASSES_ROOT\gnufile gnutella
HKEY_CLASSES_ROOT\gnufile BrowserFlags 8
HKEY_CLASSES_ROOT\gnufile EditFlags 65536
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\0\win32 C:\Programme\BearShare\RunMSC.dll
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\HELPDIR C:\Programme\BearShare\
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0 RunMSC 1.0 Type Library
HKEY_CURRENT_USER\appevents\eventlabels\bearsharechatnotifymsg
HKEY_CURRENT_USER\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting
HKEY_CURRENT_USER\appevents\schemes\apps\bearshare
HKEY_CURRENT_USER\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg\.Current C:\Programme\BearShare\sounds\notify.wav
HKEY_CURRENT_USER\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg
HKEY_CURRENT_USER\appevents\schemes\apps\bearshare BearShare
HKEY_LOCAL_MACHINE\software\bearshare
HKEY_LOCAL_MACHINE\software\bearshare InstallDir C:\Programme\BearShare
HKEY_LOCAL_MACHINE\software\classes\gnufile
HKEY_LOCAL_MACHINE\software\classes\gnufile\shell\open\command "C:\Programme\BearShare\BearShare.exe" "%1"
HKEY_LOCAL_MACHINE\software\classes\gnufile gnutella
HKEY_LOCAL_MACHINE\software\classes\gnufile BrowserFlags 8
HKEY_LOCAL_MACHINE\software\classes\gnufile EditFlags 65536
HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}
HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\0\win32 C:\Programme\BearShare\RunMSC.dll
HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\FLAGS 0
HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\HELPDIR C:\Programme\BearShare\
HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0 RunMSC 1.0 Type Library
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare DisplayName BearShare
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare UninstallString C:\PROGRA~1\BEARSH~1\UNWISE.EXE C:\PROGRA~1\BEARSH~1\INSTALL.LOG
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare DisplayVersion 5.2.0.4DE
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare HelpLink http://bearshare.de/Help/index.htm
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare Publisher Free Peers, Inc.
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare URLInfoAbout http://www.freepeers.com
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare DisplayIcon C:\Programme\BearShare\BearShare.exe,-128
HKEY_USERS\.default\appevents\eventlabels\bearsharechatnotifymsg
HKEY_USERS\.default\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting
HKEY_USERS\.default\appevents\schemes\apps\bearshare
HKEY_USERS\.default\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg\.Current C:\Programme\BearShare\sounds\notify.wav
HKEY_USERS\.default\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg
HKEY_USERS\.default\appevents\schemes\apps\bearshare BearShare
HKEY_USERS\s-1-5-18\appevents\eventlabels\bearsharechatnotifymsg
HKEY_USERS\s-1-5-18\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting
HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare
HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg\.Current C:\Programme\BearShare\sounds\notify.wav
HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg
HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare BearShare


WhenU.SaveNow Adware more information...
Details: an advertising application that displays pop-up advertising on the desktop in response to users' surfing behavior.
Status: Deleted

Infected files detected
C:\Programme\BearShare\RunMSC.dll
C:\Programme\BearShare\Webstats.exe
C:\Programme\BearShare\Webstats.ini

Infected registry entries detected
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader.1\clsid
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader.1\clsid {9F95F736-0F62-4214-A4B4-CAA6738D4C07}
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\clsid
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\clsid {9F95F736-0F62-4214-A4B4-CAA6738D4C07}
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\curver
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\curver RunMSC.Loader.1
HKEY_LOCAL_MACHINE\software\classes\wusn.1
HKEY_LOCAL_MACHINE\software\classes\wusn.1 WUSN_Id
HKEY_LOCAL_MACHINE\software\whenusave
HKEY_LOCAL_MACHINE\software\whenusave TotalPopup ;;;;;;;;1;1;1
HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}
HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905}
HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97} ILoader
HKEY_CLASSES_ROOT\wusn.1
HKEY_CLASSES_ROOT\wusn.1 WUSN_Id
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 C:\Programme\BearShare\RunMSC.dll
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\ProgID RunMSC.Loader.1
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\VersionIndependentProgID RunMSC.Loader
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} Loader Class
HKEY_CLASSES_ROOT\ACM.ACMFactory
HKEY_CLASSES_ROOT\ACM.ACMFactory\CLSID {A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}
HKEY_CLASSES_ROOT\ACM.ACMFactory\CurVer ACM.ACMFactory.1
HKEY_CLASSES_ROOT\ACM.ACMFactory ACMFactory Class
HKEY_CLASSES_ROOT\ACM.ACMFactory.1
HKEY_CLASSES_ROOT\ACM.ACMFactory.1\CLSID {A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}
HKEY_CLASSES_ROOT\ACM.ACMFactory.1 ACMFactory Class
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\InprocServer32 C:\Programme\Save\ACM.dll
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\ProgID ACM.ACMFactory.1
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\TypeLib {DF901432-1B9F-4F5B-9E56-301C553F9095}
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\VersionIndependentProgID ACM.ACMFactory
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD} ACMFactory Class
HKEY_CLASSES_ROOT\clsid\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD} AppID {127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB}
HKEY_CLASSES_ROOT\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}
HKEY_CLASSES_ROOT\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\0\win32 C:\Programme\Save\ACM.dll
HKEY_CLASSES_ROOT\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\HELPDIR C:\Programme\Save\
HKEY_CLASSES_ROOT\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0 ACM 1.0 Type Library
HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}
HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\TypeLib {DF901432-1B9F-4F5B-9E56-301C553F9095}
HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0} IACMFactory
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\TypeLib {DF901432-1B9F-4F5B-9E56-301C553F9095}
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086} IFetchExtractor
HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}
HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\TypeLib {DF901432-1B9F-4F5B-9E56-301C553F9095}
HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842} IFetchData
HKEY_CLASSES_ROOT\AppID\{127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB}
HKEY_CLASSES_ROOT\AppID\{127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB} ACM
HKEY_CLASSES_ROOT\AppID\ACM.DLL
HKEY_CLASSES_ROOT\AppID\ACM.DLL AppID {127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB}


WhenU.WhenUSearch Low Risk Adware more information...
Details: a desktop search toolbar that displays links to advertised offers in response to users' surfing behavior and opens paid search results when users perform searches through the toolbar's search mechanism.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\WUSN.1
HKEY_CLASSES_ROOT\WUSN.1 WUSN_Id


SearchNugget Browser Plug-in more information...
Details: SearchNugget is a Browser Helper Object that displays a toolbar in Internet Explorer as well as a button and changes the Internet Explorer home page.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ACM.ACMFactory.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ACM.ACMFactory.1\CLSID {A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ACM.ACMFactory.1 ACMFactory Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ACM.DLL AppID {127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD} AppID {127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\0\win32 C:\Programme\Save\ACM.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\FLAGS 0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\HELPDIR C:\Programme\Save\
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0 ACM 1.0 Type Library


Zedo Cookie more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\manuel\cookies\manuel@zedo[1].txt
Seitenanfang Seitenende
29.01.2006, 20:14
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#10 nun kopiere noch den Rest...oder war das alles ? + das neue Log vom HijackThis
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: