Virus Alert in the Taskbar

Topic is closed!
#0
17.07.2006, 02:05
Member

Posts: 19
#1 Creating a HijackThis log file

Logfile of HijackThis v1.99.1
Scan saved at 00:44:34, on 17.07.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
D:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\rundll32.exe
D:\Programme\Winamp\winampa.exe
D:\Programme\ICQLitePro7\ICQLite.exe
D:\Programme\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
C:\Programme\AusLogics BoostSpeed\BoostSpeed.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
D:\Programme\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
D:\Programme\Opera\Opera.exe
C:\Dokumente und Einstellungen\alex\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\System32\hp100.tmp
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] "D:\Programme\ICQLitePro7\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [a-squared] "D:\Programme\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [BoostSpeed] "C:\Programme\AusLogics BoostSpeed\BoostSpeed.exe" /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLitePro7\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLitePro7\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLitePro7\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144688549061
O18 - Protocol: bw+0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O21 - SSODL: cholecyst - {ee2975b6-e8d5-405e-8448-8fe9590f6cfb} - C:\WINDOWS\System32\mzoeut.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe



4 logfiles:
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\WINDOWS\system32

17.07.2006 00:35 50.257 nvapps.xml
17.07.2006 00:35 59.408 ld102.tmp
16.07.2006 23:56 4.972 stdole3.tlb
16.07.2006 22:31 10.752 simpole.tlb
16.07.2006 22:31 76.800 hp100.tmp
16.07.2006 20:43 1.004.896 FNTCACHE.DAT
16.07.2006 17:37 4.286 ts.ico
16.07.2006 17:37 4.286 ot.ico
16.07.2006 17:30 71.696 regperf.exe
16.07.2006 16:06 380.350 perfh009.dat
16.07.2006 16:06 52.764 perfc009.dat
16.07.2006 16:06 63.580 perfc007.dat
16.07.2006 16:06 391.000 perfh007.dat
16.07.2006 16:06 786.220 PerfStringBackup.INI
14.07.2006 13:45 2.256 wpa.dbl
08.07.2006 15:30 434.688 ss2uinst.exe
16.06.2006 14:34 48.936 sirenacm.dll
16.06.2006 06:47 316.594 prfh0407.dat
16.06.2006 06:47 48.156 prfc0407.dat
13.06.2006 15:11 57.384 avsda.dll
12.06.2006 18:55 8.464 sporder.dll
02.06.2006 15:57 16.832 amcompat.tlb
02.06.2006 15:57 23.392 nscompat.tlb
16.05.2006 22:23 28.672 vxblock.dll
16.05.2006 22:23 339.968 pxwave.dll
16.05.2006 22:23 430.080 px.dll
16.05.2006 22:23 57.344 pxcpya64.exe
16.05.2006 22:23 450.560 pxdrv.dll
16.05.2006 22:23 61.440 pxhpinst.exe
16.05.2006 22:23 56.832 pxinsa64.exe
16.05.2006 22:23 1.257.472 pxsfs.dll
16.05.2006 22:23 176.128 pxmas.dll
10.05.2006 20:17 2.230 lvcoinst.log
03.04.2006 13:35 7.006 jupdate-1.5.0_06-b05.log


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\DOKUME~1\alex\LOKALE~1\Temp

17.07.2006 00:36 512 ~DFC582.tmp
17.07.2006 00:36 229.376 ~DFC4E2.tmp
17.07.2006 00:36 1.468 LVCOMSX.LOG
17.07.2006 00:19 206 jusched.log
17.07.2006 00:10 16.384 ~DFA02E.tmp
17.07.2006 00:10 16.384 ~DF811B.tmp
06.07.2006 23:03 24.613 IadHide5.dll



Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\WINDOWS

17.07.2006 00:36 0 0.log
17.07.2006 00:35 502.987 WindowsUpdate.log
17.07.2006 00:35 50 wiaservc.log
17.07.2006 00:35 159 wiadebug.log
17.07.2006 00:35 2.048 bootstat.dat
17.07.2006 00:34 32.546 SchedLgU.Txt
16.07.2006 21:56 116 NeroDigital.ini
16.07.2006 16:05 0 homeDVD-Filme5.INI
16.07.2006 14:39 864.802 setupapi.log
06.07.2006 23:03 118.784 bwUnin-7.2.0.157-8876480SL.exe
06.07.2006 09:10 98.534 wmsetup.log
18.06.2006 20:52 408 3gptoavi3.INI
12.06.2006 18:58 183.296 NDNuninstall7_22.exe
12.06.2006 18:55 50.688 NDNuninstall6_38.exe
12.06.2006 18:51 84 StyleBuilder.INI
11.06.2006 04:37 262 WINCMD.INI
02.06.2006 15:57 449 wmsetup10.log
02.06.2006 15:56 316.640 WMSysPr9.prx
17.05.2006 20:27 671 win.ini
11.04.2006 20:46 151 PhotoSnapViewer.INI
11.04.2006 07:06 14.398 spuninst.log
11.04.2006 07:06 16.185 iis6.log
11.04.2006 07:06 48.483 comsetup.log
11.04.2006 07:06 27.632 ntdtcsetup.log
11.04.2006 07:06 1.374 imsins.log
11.04.2006 07:06 45.883 tsoc.log
11.04.2006 07:06 5.733 msgsocm.log
11.04.2006 07:06 4.457 ocmsn.log
11.04.2006 07:06 52.497 ocgen.log
11.04.2006 07:06 110.456 FaxSetup.log
11.04.2006 07:00 719.709 svcpack.log
10.04.2006 19:42 28.248 xpsp1hfm.log
10.04.2006 19:42 35.854 KB835732.log
10.04.2006 19:42 1.374 imsins.BAK
10.04.2006 19:41 30.468 Q810833.log
10.04.2006 19:40 24.671 KB834707-IE6-20040929.115007.log
10.04.2006 19:39 23.810 KB828741.log
10.04.2006 19:38 14.043 Q329834.log
10.04.2006 19:38 18.583 KB823559.log
10.04.2006 19:38 18.146 Q817606.log
10.04.2006 19:37 17.705 Q329441.log
10.04.2006 19:36 14.177 Q810577.log
10.04.2006 19:35 11.092 Q811630.log
10.04.2006 19:35 7.152 Q329170.log
10.04.2006 19:34 2.165 Q329115.log
10.04.2006 19:34 1.802 Q329390.log
10.04.2006 19:33 1.419 Q323255.log
10.04.2006 19:33 650 Q329048.log
10.04.2006 19:14 6.261 KB842773.log
10.04.2006 19:14 171.891 setupact.log
10.04.2006 18:28 16.384 Active Setup Log.txt
03.04.2006 18:34 77.205 DirectX.log
03.04.2006 13:39 65 msxmlcab.log
03.04.2006 13:37 81.920 bwUnin-6.1.4.68-8876480L.exe
02.04.2006 22:46 6.342 Windows Update.log
02.04.2006 21:47 403 ODBC.INI
02.04.2006 21:46 59 vbaddin.ini
01.04.2006 01:18 299.552 WMSysPrx.prx



Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\

17.07.2006 00:38 0 sys.txt
17.07.2006 00:38 5.845 system.txt
17.07.2006 00:38 586 systemtemp.txt
17.07.2006 00:35 98.601 system32.txt
17.07.2006 00:35 805.306.368 pagefile.sys
17.07.2006 00:14 210 VundoFix.txt
16.07.2006 17:30 45 TEST.XML
21.06.2006 16:41 1.223.654 Ars..*patsch*.jpg
03.04.2006 13:37 183 LogiSetup.log
18.07.2006, 17:43
Moderator

Posts: 7805
#2 Please work through http://siri.geekstogo.com/SmitfraudFix_De.php first, and then post another HijackThis log and a datfind report...
__________
Best regards, Ralf
SEO-Spam Hunter
19.07.2006, 23:58
Member

Thread starter

Posts: 19
#3 Logfile of HijackThis v1.99.1
Scan saved at 23:48:01, on 19.07.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LogonUI.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\LVCOMSX.EXE
D:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\System32\rundll32.exe
D:\Programme\Winamp\winampa.exe
D:\Programme\ICQLitePro7\ICQLite.exe
D:\Programme\a-squared Anti-Malware\a2guard.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
C:\Programme\AusLogics BoostSpeed\BoostSpeed.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Programme\AntiVir PersonalEdition Classic\sched.exe
D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\Programme\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
D:\Programme\Opera\Opera.exe
C:\Dokumente und Einstellungen\alex\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\System32\hp100.tmp (file missing)
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] "D:\Programme\ICQLitePro7\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [a-squared] "D:\Programme\a-squared Anti-Malware\a2guard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] D:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programme\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [BoostSpeed] "C:\Programme\AusLogics BoostSpeed\BoostSpeed.exe" /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLitePro7\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLitePro7\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLitePro7\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1144688549061
O18 - Protocol: bw+0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - D:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - D:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe



logfiles:

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\WINDOWS\system32

19.07.2006 23:54 50.257 nvapps.xml
16.07.2006 20:43 1.004.896 FNTCACHE.DAT
16.07.2006 16:06 380.350 perfh009.dat
16.07.2006 16:06 63.580 perfc007.dat
16.07.2006 16:06 52.764 perfc009.dat
16.07.2006 16:06 391.000 perfh007.dat
16.07.2006 16:06 786.220 PerfStringBackup.INI
14.07.2006 13:45 2.256 wpa.dbl
08.07.2006 15:30 434.688 ss2uinst.exe
03.07.2006 23:40 778.240 divx_xx07.dll
03.07.2006 23:40 778.240 divx_xx0c.dll
03.07.2006 23:40 761.856 divx_xx11.dll
03.07.2006 23:40 620.180 DivX.dll
27.06.2006 03:28 704.512 divxdec.ax
21.06.2006 21:44 108.544 pxcpyi64.exe
21.06.2006 21:44 109.568 pxinsi64.exe
21.06.2006 21:41 352.401 DivXMedia.ax
21.06.2006 12:49 53.248 dpuGUI10.dll
21.06.2006 12:43 4.276 divxsm.tlb
21.06.2006 12:43 520.192 DivXsm.exe
21.06.2006 12:43 10.863 dsm_ja.qm
21.06.2006 12:43 15.507 dsm_de.qm
21.06.2006 12:43 15.299 dsm_fr.qm
21.06.2006 12:43 3.596.288 qt-dx331.dll
21.06.2006 12:42 1.044.480 libdivx.dll
21.06.2006 12:42 200.704 ssldivx.dll
21.06.2006 12:34 90.112 dpl100.dll
21.06.2006 12:34 593.920 dpuGUI11.dll
21.06.2006 12:34 200.704 dtu100.dll
21.06.2006 12:34 344.064 dpus11.dll
21.06.2006 12:34 57.344 dpv11.dll
21.06.2006 12:34 294.912 dpu10.dll
21.06.2006 12:34 294.912 dpu11.dll
21.06.2006 12:33 12.288 DivXWMPExtType.dll
21.06.2006 12:33 118.784 DivXCodecUpdateChecker.exe
21.06.2006 12:33 8.523 dpude.qm
21.06.2006 12:33 3.136 dtu_de.qm
16.06.2006 14:34 48.936 sirenacm.dll
16.06.2006 06:47 316.594 prfh0407.dat
16.06.2006 06:47 48.156 prfc0407.dat
13.06.2006 15:11 57.384 avsda.dll
12.06.2006 18:55 8.464 sporder.dll
02.06.2006 15:57 16.832 amcompat.tlb
02.06.2006 15:57 23.392 nscompat.tlb
16.05.2006 22:23 339.968 pxwave.dll
16.05.2006 22:23 28.672 vxblock.dll
16.05.2006 22:23 450.560 pxdrv.dll
16.05.2006 22:23 61.440 pxhpinst.exe
16.05.2006 22:23 1.257.472 pxsfs.dll
16.05.2006 22:23 430.080 px.dll
16.05.2006 22:23 57.344 pxcpya64.exe
16.05.2006 22:23 176.128 pxmas.dll
16.05.2006 22:23 56.832 pxinsa64.exe
10.05.2006 20:17 2.230 lvcoinst.log
03.04.2006 13:35 7.006 jupdate-1.5.0_06-b05.log


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\DOKUME~1\alex\LOKALE~1\Temp

19.07.2006 23:54 0 ~DF779E.tmp
19.07.2006 23:54 10.653 LVCOMSX.LOG
19.07.2006 23:44 16.384 ~DF10C3.tmp
19.07.2006 23:44 16.384 ~DFDDF3.tmp
19.07.2006 23:33 978 TmpICQMagic_{05736BBE-C20F-4F10-A6DE-4DB1E3564B0E}21762.html
19.07.2006 23:29 983 TmpICQMagic_{EC202595-1DFD-4301-A1EA-13C1E331B505}20959.html
19.07.2006 23:13 1.097 TWAIN.LOG
19.07.2006 23:13 3 Twain001.Mtx
19.07.2006 23:13 156 Twunk001.MTX
19.07.2006 23:07 44.123 TFR394.tmp
19.07.2006 23:07 48.280 TFR393.tmp
19.07.2006 23:07 61.925 TFR392.tmp
19.07.2006 23:07 44.596 TFR38E.tmp
19.07.2006 23:07 55.369 TFR38B.tmp
19.07.2006 23:07 31.446 TFR389.tmp
19.07.2006 23:07 36.163 TFR387.tmp
19.07.2006 23:07 27.777 TFR382.tmp
19.07.2006 23:07 32.204 TFR37C.tmp
19.07.2006 23:07 10.225 TFR37B.tmp
19.07.2006 23:07 71.682 TFR377.tmp
19.07.2006 23:07 23.427 TFR373.tmp
19.07.2006 23:07 67.560 TFR370.tmp
19.07.2006 23:07 59.218 TFR36C.tmp
19.07.2006 23:07 56.657 TFR36A.tmp
19.07.2006 23:07 46.660 TFR366.tmp
19.07.2006 23:07 20.560 TFR362.tmp
19.07.2006 23:07 40.950 TFR35E.tmp
19.07.2006 23:07 67.994 TFR35A.tmp
19.07.2006 23:07 46.021 TFR359.tmp
19.07.2006 23:06 74.063 TFR343.tmp
19.07.2006 23:06 84.030 TFR342.tmp
19.07.2006 23:06 129.685 TFR341.tmp
19.07.2006 23:06 42.703 TFR33F.tmp
19.07.2006 23:06 101.141 TFR33D.tmp
19.07.2006 23:06 21.122 TFR33C.tmp
19.07.2006 23:06 35.574 TFR33A.tmp
19.07.2006 20:46 16.384 ~DF1FA8.tmp
19.07.2006 20:46 16.384 ~DF175A.tmp
19.07.2006 20:31 0 fla247.tmp
19.07.2006 20:31 0 fla245.tmp
19.07.2006 20:28 0 fla243.tmp
19.07.2006 20:21 0 fla211.tmp
19.07.2006 20:19 0 fla20F.tmp
19.07.2006 12:33 416 java_install_reg.log
19.07.2006 10:37 1.648 jusched.log
19.07.2006 10:23 16.384 ~DF78C7.tmp
19.07.2006 10:23 16.384 ~DF359D.tmp
19.07.2006 00:30 8.885 TFRFC.tmp
18.07.2006 23:08 16.384 ~DFE849.tmp
18.07.2006 23:08 16.384 ~DFDB54.tmp
18.07.2006 22:55 16.384 ~DFB0FA.tmp
18.07.2006 22:55 16.384 ~DFB0AD.tmp
18.07.2006 22:55 16.384 ~DFB0E1.tmp
18.07.2006 22:55 16.384 ~DFB0C8.tmp
18.07.2006 22:54 16.384 ~DFD670.tmp
18.07.2006 22:54 16.384 ~DFD6EA.tmp
18.07.2006 18:54 479.370 mps_90ee.tmp
18.07.2006 18:14 16.384 ~DF10AA.tmp
18.07.2006 18:14 16.384 ~DF106A.tmp
18.07.2006 18:14 16.384 ~DF101E.tmp
18.07.2006 18:14 16.384 ~DFFDB.tmp
18.07.2006 16:29 0 Twunk002.MTX
18.07.2006 15:16 717 control.xml
18.07.2006 12:31 16.384 ~DFC91F.tmp
18.07.2006 12:31 16.384 ~DF94DA.tmp
18.07.2006 00:14 0 WER121.tmp
17.07.2006 21:08 0 ~DF106.tmp
17.07.2006 17:41 0 aax13.tmp
17.07.2006 17:37 0 aax9.tmp
17.07.2006 17:37 0 aax8.tmp
17.07.2006 17:34 0 aax7.tmp
17.07.2006 17:33 0 aax3.tmp
17.07.2006 17:33 0 aax2.tmp
17.07.2006 17:32 16.384 ~DF88F0.tmp
17.07.2006 17:32 16.384 ~DFCD7A.tmp
17.07.2006 12:59 16.384 ~DFC51D.tmp
17.07.2006 12:59 16.384 ~DF8AAB.tmp
17.07.2006 00:41 16.384 ~DFCD91.tmp
17.07.2006 00:40 16.384 ~DF878F.tmp
17.07.2006 00:10 16.384 ~DFA02E.tmp
17.07.2006 00:10 16.384 ~DF811B.tmp
15.07.2006 06:16 244 1F1205F7.TMP
11.07.2006 05:55 37 D8A3E45C.TMP
06.07.2006 23:03 24.613 IadHide5.dll
16.07.2005 23:01 91.748 DMS.bmp
16.07.2005 23:01 164.884 DMO.bmp
86 Datei(en) 2.626.339 Bytes
0 Verzeichnis(se), 18.877.554.688 Bytes frei


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\WINDOWS

19.07.2006 23:54 0 0.log
19.07.2006 23:54 159 wiadebug.log
19.07.2006 23:54 0 wiaservc.log
19.07.2006 23:54 2.048 bootstat.dat
19.07.2006 23:53 521.121 WindowsUpdate.log
19.07.2006 23:53 32.546 SchedLgU.Txt
19.07.2006 23:43 199.262 ntbtlog.txt
19.07.2006 23:40 116 NeroDigital.ini
19.07.2006 23:38 172.191 setupact.log
18.07.2006 15:16 99.749 wmsetup.log
16.07.2006 16:05 0 homeDVD-Filme5.INI
16.07.2006 14:39 864.802 setupapi.log
06.07.2006 23:03 118.784 bwUnin-7.2.0.157-8876480SL.exe
18.06.2006 20:52 408 3gptoavi3.INI
12.06.2006 18:58 183.296 NDNuninstall7_22.exe
12.06.2006 18:55 50.688 NDNuninstall6_38.exe

12.06.2006 18:51 84 StyleBuilder.INI
11.06.2006 04:37 262 WINCMD.INI
02.06.2006 15:57 449 wmsetup10.log
02.06.2006 15:56 316.640 WMSysPr9.prx
17.05.2006 20:27 671 win.ini
11.04.2006 20:46 151 PhotoSnapViewer.INI
11.04.2006 07:06 14.398 spuninst.log
11.04.2006 07:06 48.483 comsetup.log
11.04.2006 07:06 16.185 iis6.log
11.04.2006 07:06 27.632 ntdtcsetup.log
11.04.2006 07:06 45.883 tsoc.log
11.04.2006 07:06 1.374 imsins.log
11.04.2006 07:06 5.733 msgsocm.log
11.04.2006 07:06 52.497 ocgen.log
11.04.2006 07:06 4.457 ocmsn.log
11.04.2006 07:06 110.456 FaxSetup.log
11.04.2006 07:00 719.709 svcpack.log
10.04.2006 19:42 28.248 xpsp1hfm.log
10.04.2006 19:42 1.374 imsins.BAK
10.04.2006 19:42 35.854 KB835732.log
10.04.2006 19:41 30.468 Q810833.log
10.04.2006 19:40 24.671 KB834707-IE6-20040929.115007.log
10.04.2006 19:39 23.810 KB828741.log
10.04.2006 19:38 14.043 Q329834.log
10.04.2006 19:38 18.583 KB823559.log
10.04.2006 19:38 18.146 Q817606.log
10.04.2006 19:37 17.705 Q329441.log
10.04.2006 19:36 14.177 Q810577.log
10.04.2006 19:35 11.092 Q811630.log
10.04.2006 19:35 7.152 Q329170.log
10.04.2006 19:34 2.165 Q329115.log
10.04.2006 19:34 1.802 Q329390.log
10.04.2006 19:33 1.419 Q323255.log
10.04.2006 19:33 650 Q329048.log
10.04.2006 19:14 6.261 KB842773.log
10.04.2006 18:28 16.384 Active Setup Log.txt
03.04.2006 18:34 77.205 DirectX.log
03.04.2006 13:39 65 msxmlcab.log
03.04.2006 13:37 81.920 bwUnin-6.1.4.68-8876480L.exe
02.04.2006 22:46 6.342 Windows Update.log
02.04.2006 21:47 403 ODBC.INI
02.04.2006 21:46 59 vbaddin.ini
01.04.2006 01:18 299.552 WMSysPrx.prx


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: D864-140C

Verzeichnis von C:\

19.07.2006 23:55 0 sys.txt
19.07.2006 23:54 5.894 system.txt
19.07.2006 23:54 4.506 systemtemp.txt
19.07.2006 23:54 99.510 system32.txt
19.07.2006 23:54 805.306.368 pagefile.sys
19.07.2006 23:41 890 rapport.txt
17.07.2006 00:14 210 VundoFix.txt
16.07.2006 17:30 45 TEST.XML
21.06.2006 16:41 1.223.654 Ars..*patsch*.jpg
03.04.2006 13:37 183 LogiSetup.log
21.07.2006, 02:32
Honorary member
Sabina

Posts: 29434
#4 rockin

LSPfix
http://www.spychecker.com/program/lspfix.html
- check: "I know what I'm doing" -- Remove
- and delete newdotnet7_22.dll or newdotnet6_38.dll (you may have to move the DLL from the left to the right)

----------------------------------------------------------------

virustotal
At the top of the page --> click Browse --> paste in the file with its correct path --> double-click the file to be checked --> click Submit... now wait
http://www.virustotal.com/flash/index_en.html

C:\WINDOWS\system32\ss2uinst.exe
C:\WINDOWS\SYSTEM32\antiwpa.dll


Post the report.
__________
Best regards, Sabina

All about PC security
21.07.2006, 15:53
Member

Thread starter

Posts: 19
#5 Complete scanning result of "ss2uinst.exe", received in VirusTotal at 07.21.2006, 14:56:56 (CET).
Antivirus Version Update Result
AntiVir 6.35.0.21 07.21.2006 no virus found
Authentium 4.93.8 07.20.2006 no virus found
Avast 4.7.844.0 07.19.2006 no virus found
AVG 386 07.21.2006 no virus found
BitDefender 7.2 07.21.2006 no virus found
CAT-QuickHeal 8.00 07.20.2006 no virus found
ClamAV devel-20060426 07.20.2006 no virus found
DrWeb 4.33 07.21.2006 no virus found
eTrust-InoculateIT 23.72.74 07.20.2006 no virus found
eTrust-Vet 12.6.2305 07.21.2006 no virus found
Ewido 4.0 07.21.2006 no virus found
Fortinet 2.77.0.0 07.21.2006 no virus found
F-Prot 3.16f 07.20.2006 no virus found
F-Prot4 4.2.1.29 07.20.2006 no virus found
Ikarus 0.2.65.0 07.21.2006 no virus found
Kaspersky 4.0.2.24 07.21.2006 no virus found
McAfee 4811 07.20.2006 no virus found
Microsoft 1.1508 07.21.2006 no virus found
NOD32v2 1.1672 07.21.2006 no virus found
Norman 5.90.23 07.21.2006 no virus found
Panda 9.0.0.4 07.20.2006 no virus found
Sophos 4.07.0 07.21.2006 no virus found
Symantec 8.0 07.21.2006 no virus found
TheHacker 5.9.8.179 07.21.2006 no virus found
UNA 1.83 07.20.2006 no virus found
VBA32 3.11.0 07.20.2006 no virus found
VirusBuster 4.3.7:9 07.21.2006 no virus found

Aditional Information
File size: 434688 bytes
MD5: c6b0c3a94b8115df01944698b54bbe72
SHA1: 663c04de1c26c9e9148fcfd1bd83271abe796381



Complete scanning result of "antiwpa.dll", received in VirusTotal at 07.21.2006, 15:26:04 (CET).
Antivirus Version Update Result
AntiVir 6.35.0.21 07.21.2006 no virus found
Authentium 4.93.8 07.20.2006 no virus found
Avast 4.7.844.0 07.19.2006 no virus found
AVG 386 07.21.2006 no virus found
BitDefender 7.2 07.21.2006 no virus found
CAT-QuickHeal 8.00 07.20.2006 no virus found
ClamAV devel-20060426 07.20.2006 no virus found
DrWeb 4.33 07.21.2006 no virus found
eTrust-InoculateIT 23.72.74 07.20.2006 no virus found
eTrust-Vet 12.6.2305 07.21.2006 no virus found
Ewido 4.0 07.21.2006 no virus found
Fortinet 2.77.0.0 07.21.2006 no virus found
F-Prot 3.16f 07.20.2006 no virus found
F-Prot4 4.2.1.29 07.20.2006 no virus found
Ikarus 0.2.65.0 07.21.2006 no virus found
Kaspersky 4.0.2.24 07.21.2006 no virus found
McAfee 4811 07.20.2006 no virus found
Microsoft 1.1508 07.21.2006 no virus found
NOD32v2 1.1672 07.21.2006 no virus found
Norman 5.90.23 07.21.2006 no virus found
Panda 9.0.0.4 07.20.2006 no virus found
Sophos 4.07.0 07.21.2006 no virus found
Symantec 8.0 07.21.2006 no virus found
TheHacker 5.9.8.179 07.21.2006 no virus found
UNA 1.83 07.20.2006 no virus found
VBA32 3.11.0 - no virus found
VirusBuster 4.3.7:9 07.21.2006 no virus found

Aditional Information
File size: 5376 bytes
MD5: 8a3de67f9a8b01feb7a26bcb26d7a6a8
SHA1: 3e13e5fdb1da48e2772cafb9c7cc3f2e86efcf3f
21.07.2006, 16:06
Honorary member
Sabina

Posts: 29434
#6 LSPfix
http://www.spychecker.com/program/lspfix.html
- check: "I know what I'm doing" -- Remove
- and delete newdotnet7_22.dll or newdotnet6_38.dll (you may have to move the DLL from the left to the right)

--------------------------------------------------------------------------------------------------

1.
Go into the registry
Start - Run - regedit

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\New.net
HKEY_LOCAL_MACHINE\software\new.net
HKEY_CURRENT_USER\Software\New.net

2.
Open HijackThis -- "Scan" button -- tick the malware entries -- "Fix checked" button -- restart the PC

Quote

O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\System32\hp100.tmp (file missing)
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
Restart the PC

3.
Uninstall:

C:\Programme\NewDotNet

4.
Delete with the Killbox:
http://virus-protect.org/killbox.html

C:\WINDOWS\3gptoavi3.INI
C:\WINDOWS\NDNuninstall7_22.exe
C:\WINDOWS\NDNuninstall6_38.exe
C:\WINDOWS\system32\sporder.dll

5.
Scan with Panda and post the scan report
http://virus-protect.org/onlinescan.html
__________
Best regards, Sabina

All about PC security
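
The entries singled out in this thread (the O10 New.Net lines, the O2 entry marked "file missing", the O4 New.net startup entry, the O20 Winlogon Notify DLL) can be picked out of a long HijackThis log mechanically. The following Python triage is an added example, not part of the original posts or of HijackThis: it parses log lines, collapses entries that differ only in their name field, and marks those conditions for review. The function names, the watch terms and the reason strings are assumptions of this example; the sample lines are copied from the thread.

```python
import re

# Constructed sample: entries copied from the HijackThis log and the helper's
# quote in this thread; only three of the repeated bw* O18 lines are included.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {f7d40011-29bb-43eb-9c97-875ce89e9e36} - C:\WINDOWS\System32\hp100.tmp (file missing)
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O18 - Protocol: bw+0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {308EE290-4AC0-4583-AD72-0E0E5208E394} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
WATCH_TERMS = ("new.net", "newdot")  # assumption: vendor strings named in the thread


def parse_entry(line):
    """Split one HijackThis line into section code, CLSID (if any) and target."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None  # header, process list or free text
    body = m.group("body")
    clsid = CLSID_RE.search(body)
    return {
        "code": m.group("code"),
        "body": body,
        "clsid": clsid.group(0).upper() if clsid else None,
        # The last " - " separated field is the file the entry points to;
        # entries without that separator (O4, O10) keep the whole body.
        "target": body.rsplit(" - ", 1)[-1],
    }


def reasons_for(entry):
    """Return the review reasons that apply to one parsed entry."""
    body = entry["body"].lower()
    found = set()
    if "(file missing)" in body:
        found.add("registered file is missing")
    if entry["code"] == "O10":
        found.add("Winsock LSP chain altered")
    if entry["code"] == "O20" and body.startswith("winlogon notify"):
        found.add("DLL registered under Winlogon Notify")
    if any(term in body for term in WATCH_TERMS):
        found.add("matches watch term")
    return found


def triage(log_text):
    """Group entries by (section, CLSID, target) and attach review reasons."""
    groups = {}
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        key = (entry["code"], entry["clsid"], entry["target"])
        group = groups.setdefault(key, {
            "code": entry["code"], "clsid": entry["clsid"],
            "target": entry["target"], "count": 0, "reasons": set(),
        })
        group["count"] += 1
        group["reasons"] |= reasons_for(entry)
    return list(groups.values())


if __name__ == "__main__":
    for g in triage(SAMPLE_LOG):
        mark = "REVIEW" if g["reasons"] else "ok    "
        print(f'{mark} {g["code"]:<4} x{g["count"]:<3} {g["target"]}  {sorted(g["reasons"])}')
```

A group marked for review is a prompt to check the file, as was done here with the VirusTotal uploads; it is not a verdict.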
22.07.2006, 04:01
Member

Thread starter

Posts: 19
#7

Quote

Sabina posted
1.
Go into the registry
Start - Run - regedit

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\New.net
HKEY_LOCAL_MACHINE\software\new.net
HKEY_CURRENT_USER\Software\New.net
What exactly am I supposed to do with these?

Quote

3.
Uninstall:

C:\Programme\NewDotNet

How do I uninstall it?
22.07.2006, 12:19
Honorary member
Sabina

Posts: 29434
#8 If you don't know how to work in the registry, use the Avenger:
http://virus-protect.org/artikel/tools/avenger.html

Paste in (following the instructions on that page):

Quote

registry keys to delete:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\New.net
HKEY_LOCAL_MACHINE\Software\New.net
HKEY_CURRENT_USER\Software\New.net

Files to delete:

C:\WINDOWS\3gptoavi3.INI
C:\WINDOWS\NDNuninstall7_22.exe
C:\WINDOWS\NDNuninstall6_38.exe
C:\WINDOWS\system32\sporder.dll
Click the green traffic light.
The script will now run, then the PC will restart automatically.

**
Post the Avenger report here that appears after the restart.

**
Uninstall:
"Start -> Settings -> Control Panel -> Add or Remove Programs"
NewDotNet


__________
Best regards, Sabina

All about PC security
22.07.2006, 14:18
Member

Thread starter

Posts: 19
#9 //////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 0
Line: HKEY_CURRENT_USER\Software\New.net


//////////////////////////////////////////


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\moigfiuk

*******************

Script file located at: \??\C:\Program Files\ryxgweqa.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:



File C:\WINDOWS\3gptoavi3.INI deleted successfully.

File C:\WINDOWS\NDNuninstall7_22.exe deleted successfully.

File C:\WINDOWS\NDNuninstall6_38.exe deleted successfully.

File C:\WINDOWS\system32\sporder.dll deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\New.net deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\New.net deleted successfully.

Completed script processing.

*******************

Finished! Terminate.




Can't find NewDotNet in the software list to uninstall it
22.07.2006, 14:51
Honorary member
Sabina

Posts: 29434
#10 Scan with ewido and post the scan report
http://virus-protect.org/ewido.html
__________
Best regards, Sabina

All about PC security
23.07.2006, 15:11
Member

Thread starter

Posts: 19
#11 ---------------------------------------------------------
ewido anti-spyware - Scan-Bericht
---------------------------------------------------------

+ Erstellt um: 15:10:03 23.07.2006

+ Scan-Ergebnis:



HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objecta\{f7d40011-29bb-43eb-9c97-875ce89e9e36} -> Adware.Generic : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\avenger\backup-22.07.2006-14.09.50,57.zip/avenger/NDNuninstall6_38.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\avenger\backup-22.07.2006-14.09.50,57.zip/avenger/NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\avenger\backup.zip/avenger/NDNuninstall7_22.exe -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
D:\Programme\a-squared Anti-Malware\Quarantine\af0a4e704080404ab499177bcd963ccf.a2q/Programme/newdotnet/newdotnet7_22.dll -> Adware.NewDotNet : Mit Backup gesäubert (unter Quarantäne gestellt).
C:\Programme\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll -> Adware.Softomate : Mit Backup gesäubert (unter Quarantäne gestellt).
:mozilla.71:C:\Dokumente und Einstellungen\alex\Anwendungsdaten\Mozilla\Firefox\Profiles\2k8x36d0.default\cookies.txt -> TrackingCookie.2o7 : Gesäubert.

edit

::Berichtende