Computer totally infected? |
||
---|---|---|
#0
| ||
13.09.2006, 17:14
...new here
Posts: 3 |
||
|
||
14.09.2006, 00:59
Honorary member
Posts: 29434 |
#2
+ Post the log: download look.zip - unpack - look.bat - double-click - copy the text that appears http://virus-protect.org/zip/look.zip
+ Configure CleanUp exactly as described here: http://virus-protect.org/cleanup.html
+ Copy out these 4 text files (right-click with the mouse -> select the text -> copy -> paste). They are sorted by date (copy only the last 3 months). http://virus-protect.org/datfindbat.html
__________
Regards, Sabina
all about PC security |
|
|
||
14.09.2006, 10:01
...new here
Thread starter Posts: 3 |
#3
Regarding step 1
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 2004-C2FC
Verzeichnis von C:\Dokumente und Einstellungen\Fabian\Anwendungsdaten
28.12.2005 23:44 <DIR> Atari
08.01.2006 16:54 <DIR> DATALA~1 Datalayer
12.08.2006 20:27 <DIR> DOESPU~1 Does pure
16.01.2006 21:06 <DIR> dvdcss
02.08.2004 22:30 <DIR> FotoWire
07.01.2006 12:02 <DIR> Google
15.09.2004 06:33 <DIR> Help
17.09.2004 18:57 <DIR> ICQLite
09.10.2004 13:22 <DIR> IDENTI~1 Identities
02.08.2004 23:10 <DIR> MACROM~1 Macromedia
02.08.2004 19:09 <DIR> Miranda
06.08.2004 22:57 <DIR> MSN6
02.02.2006 21:04 <DIR> Nokia
23.02.2006 13:22 <DIR> NOKIAM~1 Nokia Multimedia Player
16.04.2006 12:45 <DIR> Opera
08.01.2006 16:53 <DIR> PCSUIT~1 PC Suite
10.01.2006 23:09 <DIR> PHONOS~1 phonostar-Player
12.08.2006 20:27 <DIR> PLATFO~1 Platform warn
02.08.2004 23:54 <DIR> Real
14.09.2006 09:50 <DIR> Skype
03.08.2004 03:54 <DIR> Sun
03.09.2006 17:56 <DIR> TEAMSP~1 teamspeak2
20.04.2006 12:07 <DIR> vlc
08.08.2004 20:49 <DIR> Yahoo!
02.08.2004 21:24 <DIR> YAHOO!~1 Yahoo! Messenger
0 Datei(en) 0 Bytes
25 Verzeichnis(se), 8.074.625.024 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 2004-C2FC
Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
02.03.2006 14:59 305 ADDR_F~1.HTM addr_file.html
13.09.2006 17:48 <DIR> ANTIVI~1 AntiVir PersonalEdition Classic
02.04.2006 16:40 <DIR> BEINSY~1 BeInSync Settings
06.08.2004 22:57 <DIR> MSN6
07.09.2004 16:27 <DIR> NVIEW_~1 nView_Profiles
12.08.2006 20:27 <DIR> PLUSSE~1 PlusSectBaseIdle
02.03.2006 15:01 <DIR> SECTAS~1 SecTaskMan
02.08.2004 19:35 <DIR> SPYBOT~1 Spybot - Search & Destroy
06.01.2006 13:45 <DIR> YAHOO!~1 Yahoo! Companion
1 Datei(en) 305 Bytes
8 Verzeichnis(se), 8.074.625.024 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 2004-C2FC
Verzeichnis von C:\WINDOWS\tasks
13.09.2006 22:00 270 B17A6948900E12A4.job
18.08.2001 14:00 65 desktop.ini
14.09.2006 09:47 6 SA.DAT
3 Datei(en) 341 Bytes
0 Verzeichnis(se), 8.074.625.024 Bytes frei
So, and number 3: there were no 3 months for 2006 listed here
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 2004-C2FC
Verzeichnis von C:\WINDOWS\system32
14.09.2006 09:48 4.452 nvapps.xml
14.09.2006 09:47 5.120 ismini.exe
14.09.2006 09:47 18.432 ixt0.dll
13.09.2006 19:47 29.184 issearch.exe
13.09.2006 19:47 4.286 ot.ico
13.09.2006 19:47 4.286 ts.ico
13.09.2006 17:33 8.844 isnotify.exe
12.09.2006 23:10 176.128 wuwbxp.dll
12.09.2006 23:08 33.296 ishost.exe
12.09.2006 09:44 311.604 perfh009.dat
12.09.2006 09:44 316.594 perfh007.dat
12.09.2006 09:44 39.992 perfc009.dat
12.09.2006 09:44 48.156 perfc007.dat
12.09.2006 09:44 721.390 PerfStringBackup.INI
12.09.2006 09:22 2.184 wpa.dbl
02.06.2006 11:04 57.384 avsda.dll
16.01.2006 18:57 245.408 unicows.dll
06.01.2006 14:26 7.006 jupdate-1.5.0_06-b05.log
28.12.2005 23:44 43.520 CmdLineExt03.dll
14.12.2005 10:24 118.784 sirenacm.dll
10.11.2005 14:03 127.078 javaws.exe
10.11.2005 14:03 49.265 jpicpl32.cpl
10.11.2005 12:27 49.250 javaw.exe
10.11.2005 12:27 49.248 java.exe
18.07.2005 09:05 1.047.552 mfc71u.dll
06.07.2005 14:59 348.160 msvcr71.dll
26.05.2005 04:16 41.240 wups.dll
26.05.2005 04:16 18.200 wups2.dll
26.05.2005 04:16 1.343.768 wuaueng.dll
26.05.2005 04:16 173.536 wuweb.dll
26.05.2005 04:16 198.424 iuengine.dll
26.05.2005 04:16 75.544 cdm.dll
26.05.2005 04:16 128.280 wucltui.dll
26.05.2005 04:16 124.696 wuauclt.exe
26.05.2005 04:16 174.872 wuauclt1.exe
26.05.2005 04:16 174.872 wuaucpl.cpl
26.05.2005 04:16 466.200 wuapi.dll
26.05.2005 04:16 194.840 wuaueng1.dll
03.04.2005 23:25 3.069 jupdate-1.5.0_02-b09.log
22.03.2005 13:28 134.656 ConnAPI.dll
17.03.2005 14:49 25.600 NclTools.dll
15.02.2005 17:57 14.222 nmwcdcls.dll
15.02.2005 17:57 4.478 nmwcdlog.dll
29.01.2005 19:07 53.248 SanCpl.cpl
Hope it helps |
|
|
||
14.09.2006, 12:43
Honorary member
Posts: 29434 |
#4
Murrock
Post the log: http://virus-protect.org/artikel/tools/combofix.html
------------------------------------------------------------------
1. Go into the registry
Start - Run - regedit
Edit - Find - wuwbxp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
delete
{168cf174-6dab-461c-a761-a7adfa5a5719} - C:\WINDOWS\System32\wuwbxp.dll
1.1. spyfalcon.zip -> http://virus-protect.org/zip/spyfalcon.zip -> unpack onto the desktop -> spyfalcon.reg -> double-click and add it to the registry with "ja/yes"
2. Avenger
http://virus-protect.org/artikel/tools/avenger.html
Copy in:
Quote
Files to delete:
Click the green traffic light. The script will now be executed, then the PC will restart automatically.
** Post the Avenger log that appears after the restart
3. Scan with smitfraud.fix - options 1 and 2, post both reports
http://virus-protect.org/artikel/tools/smitfrautfix.html
4. Open HijackThis -- "scan" button -- tick the boxes in front of the malware entries -- "Fix checked" button -- restart the PC
Quote
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rdtjsptpatvrkliqvhyoh.net//oA3HYQMys7n0F7wzz/k4MVdvzpttj/_
Restart the PC
** New start page
Go to Control Panel --> Internet Options --> on the General tab, under Temporary Internet Files, click Delete Files --> also tick Delete all offline content and confirm with OK --> go to the Programs tab and click Reset Web Settings there, confirm with Yes if prompted --> click Apply and finally OK, and set a new start page
** Post the new HijackThis log
__________
Regards, Sabina
all about PC security |
|
|
||
14.09.2006, 15:37
...new here
Thread starter Posts: 3 |
#5
Logfile of The Avenger version 1, by Swandog46
Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\uraukmwm
*******************
Script file located at: \??\C:\kwnwfqrl.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
SmitFraudFix v2.87
Scan done at 15:33:28,59, 14.09.2006
Run from C:\Dokumente und Einstellungen\Fabian\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\components\flx?.dll FOUND !
C:\WINDOWS\system32\components\flx??.dll FOUND !
C:\WINDOWS\system32\components\flx???.dll FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Dokumente und Einstellungen\Fabian\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
C:\DOKUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url FOUND !
C:\DOKUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOKUME~1\Fabian\FAVORI~1
C:\DOKUME~1\Fabian\FAVORI~1\Antivirus Test Online.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Programme
C:\Programme\Virus-Burst\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{168cf174-6dab-461c-a761-a7adfa5a5719}"="campy"
[HKEY_CLASSES_ROOT\CLSID\{168cf174-6dab-461c-a761-a7adfa5a5719}\InProcServer32]
@="C:\WINDOWS\System32\wuwbxp.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{168cf174-6dab-461c-a761-a7adfa5a5719}\InProcServer32]
@="C:\WINDOWS\System32\wuwbxp.dll"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Beginning to process script file:
File C:\WINDOWS\tasks\B17A6948900E12A4.job deleted successfully.
File C:\WINDOWS\system32\ismini.exe deleted successfully.
File C:\WINDOWS\system32\ixt0.dll deleted successfully.
File C:\WINDOWS\system32\issearch.exe deleted successfully.
File C:\WINDOWS\system32\ot.ico deleted successfully.
File C:\WINDOWS\system32\ts.ico not found!
Deletion of file C:\WINDOWS\system32\ts.ico failed!
Could not process line:
C:\WINDOWS\system32\ts.ico
Status: 0xc0000034
File C:\WINDOWS\system32\isnotify.exe deleted successfully.
File C:\WINDOWS\system32\wuwbxp.dll deleted successfully.
File C:\WINDOWS\system32\ishost.exe not found!
Deletion of file C:\WINDOWS\system32\ishost.exe failed!
Could not process line:
C:\WINDOWS\system32\ishost.exe
Status: 0xc0000034
Folder C:\Programme\BearShare deleted successfully.
Folder C:\Programme\MyGlobalSearch deleted successfully.
Folder C:\Programme\Safety Bar deleted successfully.
Folder C:\Dokumente und Einstellungen\Fabian\Anwendungsdaten\Does pure deleted successfully.
Folder C:\Dokumente und Einstellungen\Fabian\Anwendungsdaten\Platform warn deleted successfully.
Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlusSectBaseIdle deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
SmitFraudFix v2.87
Scan done at 15:39:55,53, 14.09.2006
Run from C:\Dokumente und Einstellungen\Fabian\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
Logfile of HijackThis v1.99.1
Scan saved at 15:46:35, on 14.09.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\Microsoft IntelliType Pro\type32.exe
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\Mixer.exe
C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programme\Gemeinsame Dateien\PCSuite\DataLayer\DataLayer.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\Services\SERVIC~1.EXE
C:\Programme\phonostar\ps_timer.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\GEMEIN~1\Nokia\MPAPI\MPAPI3s.exe
C:\Programme\Opera\Opera.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Dokumente und Einstellungen\Fabian\Desktop\HijackThis.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Programme\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Trojancheck 6 Guard] C:\Programme\Trojancheck 6\tcguard.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Programme\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Programme\Gemeinsame Dateien\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [uhtsqjam] C:\cllnlnob.bat
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Steam] "c:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PcSync] C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PhonostarTimer] C:\Programme\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
This post was edited by Murrock on 14.09.2006 at 15:47.
|
|
|
||
14.09.2006, 17:51
Honorary member
Posts: 29434 |
#6
+ Apply option 2 of smitfraudfix so that the viruses are not only found but also deleted!
+ Fix with HijackThis
Quote
O4 - HKLM\..\Run: [uhtsqjam] C:\cllnlnob.bat
---------------------------------------------------------------------
+ Scan with Panda and post the report http://board.protecus.de/t8642.htm
+ Install the Windows updates, download SP2
__________
Regards, Sabina
all about PC security |
|
|
||
Scan saved at 17:51:46, on 13.09.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ishost.exe
C:\WINDOWS\System32\issearch.exe
C:\WINDOWS\System32\ismini.exe
C:\WINDOWS\System32\isnotify.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\Microsoft IntelliType Pro\type32.exe
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\BearShare\BearShare.exe
C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programme\Gemeinsame Dateien\PCSuite\DataLayer\DataLayer.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\phonostar\ps_timer.exe
C:\Programme\Skype\Phone\Skype.exe
c:\progra~1\intern~1\iexplore.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\GEMEIN~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\AntiVir PersonalEdition Classic\update.exe
C:\Programme\AntiVir PersonalEdition Classic\avcenter.exe
C:\Programme\AntiVir PersonalEdition Classic\avscan.exe
C:\Programme\Opera\Opera.exe
C:\Dokumente und Einstellungen\Fabian\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rdtjsptpatvrkliqvhyoh.net//oA3HYQMys7n0F7wzz/k4MVdvzpttj/_uKF1231LgfFraZauFivhFBnDsDrTnKTv.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - C:\WINDOWS\System32\ixt0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: (no name) - {C79EBA80-CAB4-D28C-73A0-649F65DCA50E} - C:\DOKUME~1\Fabian\ANWEND~1\DOESPU~1\Theblue.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - C:\Programme\Safety Bar\SafetyBar.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [hpfsched] C:\WINDOWS\hpfsched.exe
O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Programme\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Trojancheck 6 Guard] C:\Programme\Trojancheck 6\tcguard.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Programme\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Programme\Gemeinsame Dateien\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Base Idle Bleh Pile] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlusSectBaseIdle\Inter Build.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Steam] "c:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [loadamen] C:\DOKUME~1\Fabian\ANWEND~1\PLATFO~1\copy shim time.exe
O4 - HKCU\..\Run: [PcSync] C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PhonostarTimer] C:\Programme\phonostar\ps_timer.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: bw+0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {E11870FE-1215-49B3-AC6E-B5B56AE77C86} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O21 - SSODL: campy - {168cf174-6dab-461c-a761-a7adfa5a5719} - C:\WINDOWS\System32\wuwbxp.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe