Virus alert in the taskbar

Topic is closed!
#0
| ||
17.07.2006, 02:05
Member
Posts: 19
||
|
||
18.07.2006, 17:43
Moderator
Posts: 7805
#2
Please first work through http://siri.geekstogo.com/SmitfraudFix_De.php and then post another HijackThis log and a datfind report...
__________
Regards, Ralf
SEO-Spam Hunter
|
|
||
19.07.2006, 23:58
Member
Thread starter Posts: 19
#3
Logfile of HijackThis v1.99.1
|
|
||
21.07.2006, 02:32
Honorary member
Posts: 29434
#4
rockin
LSPfix
http://www.spychecker.com/program/lspfix.html
- tick: "I know what I'm doing" -- Remove
- and delete newdotnet7_22.dll or newdotnet6_38.dll (you may have to move the DLL from left to right)
----------------------------------------------------------------
virustotal
At the top of the page --> click Browse --> (paste in the file with the correct path) --> double-click the file to be checked --> click Submit... now wait
http://www.virustotal.com/flash/index_en.html
C:\WINDOWS\system32\ss2uinst.exe
C:\WINDOWS\SYSTEM32\antiwpa.dll
Post the report
__________
Regards, Sabina
All about PC security
|
|
||
21.07.2006, 15:53
Member
Thread starter Posts: 19
#5
Complete scanning result of "ss2uinst.exe", received in VirusTotal at 07.21.2006, 14:56:56 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.21.2006 no virus found
Authentium 4.93.8 07.20.2006 no virus found
Avast 4.7.844.0 07.19.2006 no virus found
AVG 386 07.21.2006 no virus found
BitDefender 7.2 07.21.2006 no virus found
CAT-QuickHeal 8.00 07.20.2006 no virus found
ClamAV devel-20060426 07.20.2006 no virus found
DrWeb 4.33 07.21.2006 no virus found
eTrust-InoculateIT 23.72.74 07.20.2006 no virus found
eTrust-Vet 12.6.2305 07.21.2006 no virus found
Ewido 4.0 07.21.2006 no virus found
Fortinet 2.77.0.0 07.21.2006 no virus found
F-Prot 3.16f 07.20.2006 no virus found
F-Prot4 4.2.1.29 07.20.2006 no virus found
Ikarus 0.2.65.0 07.21.2006 no virus found
Kaspersky 4.0.2.24 07.21.2006 no virus found
McAfee 4811 07.20.2006 no virus found
Microsoft 1.1508 07.21.2006 no virus found
NOD32v2 1.1672 07.21.2006 no virus found
Norman 5.90.23 07.21.2006 no virus found
Panda 9.0.0.4 07.20.2006 no virus found
Sophos 4.07.0 07.21.2006 no virus found
Symantec 8.0 07.21.2006 no virus found
TheHacker 5.9.8.179 07.21.2006 no virus found
UNA 1.83 07.20.2006 no virus found
VBA32 3.11.0 07.20.2006 no virus found
VirusBuster 4.3.7:9 07.21.2006 no virus found

Aditional Information
File size: 434688 bytes
MD5: c6b0c3a94b8115df01944698b54bbe72
SHA1: 663c04de1c26c9e9148fcfd1bd83271abe796381

Complete scanning result of "antiwpa.dll", received in VirusTotal at 07.21.2006, 15:26:04 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.21 07.21.2006 no virus found
Authentium 4.93.8 07.20.2006 no virus found
Avast 4.7.844.0 07.19.2006 no virus found
AVG 386 07.21.2006 no virus found
BitDefender 7.2 07.21.2006 no virus found
CAT-QuickHeal 8.00 07.20.2006 no virus found
ClamAV devel-20060426 07.20.2006 no virus found
DrWeb 4.33 07.21.2006 no virus found
eTrust-InoculateIT 23.72.74 07.20.2006 no virus found
eTrust-Vet 12.6.2305 07.21.2006 no virus found
Ewido 4.0 07.21.2006 no virus found
Fortinet 2.77.0.0 07.21.2006 no virus found
F-Prot 3.16f 07.20.2006 no virus found
F-Prot4 4.2.1.29 07.20.2006 no virus found
Ikarus 0.2.65.0 07.21.2006 no virus found
Kaspersky 4.0.2.24 07.21.2006 no virus found
McAfee 4811 07.20.2006 no virus found
Microsoft 1.1508 07.21.2006 no virus found
NOD32v2 1.1672 07.21.2006 no virus found
Norman 5.90.23 07.21.2006 no virus found
Panda 9.0.0.4 07.20.2006 no virus found
Sophos 4.07.0 07.21.2006 no virus found
Symantec 8.0 07.21.2006 no virus found
TheHacker 5.9.8.179 07.21.2006 no virus found
UNA 1.83 07.20.2006 no virus found
VBA32 3.11.0 - no virus found
VirusBuster 4.3.7:9 07.21.2006 no virus found

Aditional Information
File size: 5376 bytes
MD5: 8a3de67f9a8b01feb7a26bcb26d7a6a8
SHA1: 3e13e5fdb1da48e2772cafb9c7cc3f2e86efcf3f
|
|
||
21.07.2006, 16:06
Honorary member
Posts: 29434
#6
LSPfix
http://www.spychecker.com/program/lspfix.html
- tick: "I know what I'm doing" -- Remove
- and delete newdotnet7_22.dll or newdotnet6_38.dll (you may have to move the DLL from left to right)
--------------------------------------------------------------------------------------------------
1. Go into the registry
Start - Run - regedit
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\New.net
HKEY_LOCAL_MACHINE\software\new.net
HKEY_CURRENT_USER\Software\New.net
2. Open HijackThis -- "scan" button -- tick the malware entries -- "Fix checked" button -- restart the PC
Quote:
O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\System32\hp100.tmp (file missing)
Restart the PC
3. Uninstall:
C:\Programme\NewDotNet
4. Delete with the Killbox: http://virus-protect.org/killbox.html
C:\WINDOWS\3gptoavi3.INI
C:\WINDOWS\NDNuninstall7_22.exe
C:\WINDOWS\NDNuninstall6_38.exe
C:\WINDOWS\system32\sporder.dll
5. Scan with Panda and post the scan report
http://virus-protect.org/onlinescan.html
__________
Regards, Sabina
All about PC security
|
|
||
22.07.2006, 04:01
Member
Thread starter Posts: 19 |
#7
Quote, Sabina posted:
what exactly am I supposed to do with that?
Quote 3.
how do I uninstall it? |
|
|
||
22.07.2006, 12:19
Honorary member
Posts: 29434 |
#8
If you don't know how to work in the registry, use the Avenger:
http://virus-protect.org/artikel/tools/avenger.html
Copy in (following the instructions on that page):
Quote: registry keys to delete:
Click the green traffic light; the script will now be run, then the PC will restart automatically.
** Post the Avenger report that appears after the restart here. **
Uninstall: "Start -> Settings -> Control Panel -> Software" NewDotNet
__________
Regards, Sabina
all about PC security |
|
|
||
22.07.2006, 14:18
Member
Thread starter Posts: 19 |
#9
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Syntax error in line --- does not appear to be a valid registry path.
Line will be ignored.
Error code: 0
Line: HKEY_CURRENT_USER\Software\New.net
//////////////////////////////////////////
Logfile of The Avenger version 1, by Swandog46
Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\moigfiuk
*******************
Script file located at: \??\C:\Program Files\ryxgweqa.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\3gptoavi3.INI deleted successfully.
File C:\WINDOWS\NDNuninstall7_22.exe deleted successfully.
File C:\WINDOWS\NDNuninstall6_38.exe deleted successfully.
File C:\WINDOWS\system32\sporder.dll deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\New.net deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\New.net deleted successfully.
Completed script processing.
*******************
Finished! Terminate.

I can't find NewDotNet in the software list to uninstall it |
|
|
||
22.07.2006, 14:51
Honorary member
Posts: 29434 |
#10
Scan with ewido and post the scan report
http://virus-protect.org/ewido.html
__________
Regards, Sabina
all about PC security |
|
|
||
23.07.2006, 15:11
Member
Thread starter Posts: 19 |
#11
---------------------------------------------------------
ewido anti-spyware - Scan-Bericht
---------------------------------------------------------
+ Erstellt um: 15:10:03 23.07.2006
+ Scan-Ergebnis:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta\{f7d40011-29bb-43eb-9c97-875ce89e9e36} -> Adware.Generic : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\avenger\backup-22.07.2006-14.09.50,57.zip/avenger/NDNuninstall6_38.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\avenger\backup-22.07.2006-14.09.50,57.zip/avenger/NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\avenger\backup.zip/avenger/NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
D:\Programme\a-squared Anti-Malware\Quarantine\af0a4e704080404ab499177bcd963ccf.a2q/Programme/newdotnet/newdotnet7_22.dll -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Programme\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll -> Adware.Softomate : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.71:C:\Dokumente und Einstellungen\alex\Anwendungsdaten\Mozilla\Firefox\Profiles\2k8x36d0.default\cookies.txt -> TrackingCookie.2o7 : Gesäubert.
edit ::Berichtende |
|
|
||
Logfile of HijackThis v1.99.1
Scan saved at 00:44:34, on 17.07.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
D:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\rundll32.exe
D:\Programme\Winamp\winampa.exe
D:\Programme\ICQLitePro7\ICQLite.exe
D:\Programme\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
C:\Programme\AusLogics BoostSpeed\BoostSpeed.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
D:\Programme\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
D:\Programme\Opera\Opera.exe
C:\Dokumente und Einstellungen\alex\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\System32\hp100.tmp
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] "D:\Programme\ICQLitePro7\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [a-squared] "D:\Programme\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [BoostSpeed] "C:\Programme\AusLogics BoostSpeed\BoostSpeed.exe" /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLitePro7\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLitePro7\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLitePro7\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144688549061
O18 - Protocol: bw+0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O21 - SSODL: cholecyst - {ee2975b6-e8d5-405e-8448-8fe9590f6cfb} - C:\WINDOWS\System32\mzoeut.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
4 logfiles:
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C
Verzeichnis von C:\WINDOWS\system32
17.07.2006 00:35 50.257 nvapps.xml
17.07.2006 00:35 59.408 ld102.tmp
16.07.2006 23:56 4.972 stdole3.tlb
16.07.2006 22:31 10.752 simpole.tlb
16.07.2006 22:31 76.800 hp100.tmp
16.07.2006 20:43 1.004.896 FNTCACHE.DAT
16.07.2006 17:37 4.286 ts.ico
16.07.2006 17:37 4.286 ot.ico
16.07.2006 17:30 71.696 regperf.exe
16.07.2006 16:06 380.350 perfh009.dat
16.07.2006 16:06 52.764 perfc009.dat
16.07.2006 16:06 63.580 perfc007.dat
16.07.2006 16:06 391.000 perfh007.dat
16.07.2006 16:06 786.220 PerfStringBackup.INI
14.07.2006 13:45 2.256 wpa.dbl
08.07.2006 15:30 434.688 ss2uinst.exe
16.06.2006 14:34 48.936 sirenacm.dll
16.06.2006 06:47 316.594 prfh0407.dat
16.06.2006 06:47 48.156 prfc0407.dat
13.06.2006 15:11 57.384 avsda.dll
12.06.2006 18:55 8.464 sporder.dll
02.06.2006 15:57 16.832 amcompat.tlb
02.06.2006 15:57 23.392 nscompat.tlb
16.05.2006 22:23 28.672 vxblock.dll
16.05.2006 22:23 339.968 pxwave.dll
16.05.2006 22:23 430.080 px.dll
16.05.2006 22:23 57.344 pxcpya64.exe
16.05.2006 22:23 450.560 pxdrv.dll
16.05.2006 22:23 61.440 pxhpinst.exe
16.05.2006 22:23 56.832 pxinsa64.exe
16.05.2006 22:23 1.257.472 pxsfs.dll
16.05.2006 22:23 176.128 pxmas.dll
10.05.2006 20:17 2.230 lvcoinst.log
03.04.2006 13:35 7.006 jupdate-1.5.0_06-b05.log
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C
Verzeichnis von C:\DOKUME~1\alex\LOKALE~1\Temp
17.07.2006 00:36 512 ~DFC582.tmp
17.07.2006 00:36 229.376 ~DFC4E2.tmp
17.07.2006 00:36 1.468 LVCOMSX.LOG
17.07.2006 00:19 206 jusched.log
17.07.2006 00:10 16.384 ~DFA02E.tmp
17.07.2006 00:10 16.384 ~DF811B.tmp
06.07.2006 23:03 24.613 IadHide5.dll
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C
Verzeichnis von C:\WINDOWS
17.07.2006 00:36 0 0.log
17.07.2006 00:35 502.987 WindowsUpdate.log
17.07.2006 00:35 50 wiaservc.log
17.07.2006 00:35 159 wiadebug.log
17.07.2006 00:35 2.048 bootstat.dat
17.07.2006 00:34 32.546 SchedLgU.Txt
16.07.2006 21:56 116 NeroDigital.ini
16.07.2006 16:05 0 homeDVD-Filme5.INI
16.07.2006 14:39 864.802 setupapi.log
06.07.2006 23:03 118.784 bwUnin-7.2.0.157-8876480SL.exe
06.07.2006 09:10 98.534 wmsetup.log
18.06.2006 20:52 408 3gptoavi3.INI
12.06.2006 18:58 183.296 NDNuninstall7_22.exe
12.06.2006 18:55 50.688 NDNuninstall6_38.exe
12.06.2006 18:51 84 StyleBuilder.INI
11.06.2006 04:37 262 WINCMD.INI
02.06.2006 15:57 449 wmsetup10.log
02.06.2006 15:56 316.640 WMSysPr9.prx
17.05.2006 20:27 671 win.ini
11.04.2006 20:46 151 PhotoSnapViewer.INI
11.04.2006 07:06 14.398 spuninst.log
11.04.2006 07:06 16.185 iis6.log
11.04.2006 07:06 48.483 comsetup.log
11.04.2006 07:06 27.632 ntdtcsetup.log
11.04.2006 07:06 1.374 imsins.log
11.04.2006 07:06 45.883 tsoc.log
11.04.2006 07:06 5.733 msgsocm.log
11.04.2006 07:06 4.457 ocmsn.log
11.04.2006 07:06 52.497 ocgen.log
11.04.2006 07:06 110.456 FaxSetup.log
11.04.2006 07:00 719.709 svcpack.log
10.04.2006 19:42 28.248 xpsp1hfm.log
10.04.2006 19:42 35.854 KB835732.log
10.04.2006 19:42 1.374 imsins.BAK
10.04.2006 19:41 30.468 Q810833.log
10.04.2006 19:40 24.671 KB834707-IE6-20040929.115007.log
10.04.2006 19:39 23.810 KB828741.log
10.04.2006 19:38 14.043 Q329834.log
10.04.2006 19:38 18.583 KB823559.log
10.04.2006 19:38 18.146 Q817606.log
10.04.2006 19:37 17.705 Q329441.log
10.04.2006 19:36 14.177 Q810577.log
10.04.2006 19:35 11.092 Q811630.log
10.04.2006 19:35 7.152 Q329170.log
10.04.2006 19:34 2.165 Q329115.log
10.04.2006 19:34 1.802 Q329390.log
10.04.2006 19:33 1.419 Q323255.log
10.04.2006 19:33 650 Q329048.log
10.04.2006 19:14 6.261 KB842773.log
10.04.2006 19:14 171.891 setupact.log
10.04.2006 18:28 16.384 Active Setup Log.txt
03.04.2006 18:34 77.205 DirectX.log
03.04.2006 13:39 65 msxmlcab.log
03.04.2006 13:37 81.920 bwUnin-6.1.4.68-8876480L.exe
02.04.2006 22:46 6.342 Windows Update.log
02.04.2006 21:47 403 ODBC.INI
02.04.2006 21:46 59 vbaddin.ini
01.04.2006 01:18 299.552 WMSysPrx.prx
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C
Verzeichnis von C:\
17.07.2006 00:38 0 sys.txt
17.07.2006 00:38 5.845 system.txt
17.07.2006 00:38 586 systemtemp.txt
17.07.2006 00:35 98.601 system32.txt
17.07.2006 00:35 805.306.368 pagefile.sys
17.07.2006 00:14 210 VundoFix.txt
16.07.2006 17:30 45 TEST.XML
21.06.2006 16:41 1.223.654 Ars..*patsch*.jpg
03.04.2006 13:37 183 LogiSetup.log