vundo.gen destroys PC :( Please read Hijack log
Thread is closed!
#0
22.10.2006, 15:12
Member
Posts: 12
22.10.2006, 15:38
Honorary member
Posts: 29434
#2
««
Configure CleanUp exactly as described here: http://virus-protect.org/cleanup.html

«« Post this log: http://virus-protect.org/artikel/tools/combofix.html

«« Copy these 6 text files. (Right-click with the mouse -> select the text -> copy -> paste.) They are sorted by date. (Copy only the last 3 months.) http://virus-protect.org/datfindbat.html
__________
Regards, Sabina
All about PC security
22.10.2006, 16:12
Member
Thread starter Posts: 12
#3
First of all, here is the log from ComboFix
____
And here are the other 6 (I hope I'm doing this right). I just wanted to note that I did all of this in safe mode, so if anything is missing, maybe that's why :/ I just don't know my way around this XD

So, I hope I did everything right. Is there actually any connection at all between my PC's strange behaviour and the virus? Well, anyway, I hope you can help me. Also, thanks Sabine for the quick reply!
This post was edited by Baldessarini on 22.10.2006 at 16:20.
22.10.2006, 16:40
Honorary member
Posts: 29434
#4
Avenger
http://virus-protect.org/artikel/tools/avenger.html
Paste in:
Quote
registry keys to delete:
Click the green traffic light; the script will now be executed, then the PC will restart automatically.
** Post the Avenger log that appears after the restart.
__________
Regards, Sabina
All about PC security
22.10.2006, 18:25
Member
Thread starter Posts: 12
#5
So
When I did that, there were a few problems. Error messages kept coming up. First I did all of this in safe mode. Here is the log for it:
Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} failed! Status: 0xc0000034 Completed script processing. ******************* Finished! Terminate.
Then once more in normal Windows mode:
////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Syntax error in line --- does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: HKEY_CURRENT_USER\Software\WinAntiVirus Pro 2006 ////////////////////////////////////////// Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\bneylawn ******************* Script file located at: \??\C:\WINDOWS\fcfuufua.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VSPF Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf_hk not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf_hk failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf_hk Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vspf Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc not found! 
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FWSvc Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FWSvc Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FWSvc Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FWSvc Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_FWSVC Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_FWSVC Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_FWSVC Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC not found! 
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FWSVC Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FOPN Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FOPN Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\FOPN Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FOPN Status: 0xc0000034 Error: C:\Dokumente und Einstellungen\Ben 1907\.exe is a folder, not a file! Deletion of file C:\Dokumente und Einstellungen\Ben 1907\.exe failed! Could not process line: C:\Dokumente und Einstellungen\Ben 1907\.exe Status: 0xc00000ba File C:\WINDOWS\Downloaded Program Files\UWA6PU_0001_N91M2107NetInstaller.exe not found! Deletion of file C:\WINDOWS\Downloaded Program Files\UWA6PU_0001_N91M2107NetInstaller.exe failed! 
Could not process line: C:\WINDOWS\Downloaded Program Files\UWA6PU_0001_N91M2107NetInstaller.exe Status: 0xc0000034 Could not open file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.1\UWA6PU_0001_N91M2107NetInstaller.exe for deletion Deletion of file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.1\UWA6PU_0001_N91M2107NetInstaller.exe failed! Could not process line: C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.1\UWA6PU_0001_N91M2107NetInstaller.exe Status: 0xc000003a Could not open file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.2\UWA6PU_0001_N91M2107NetInstaller.exe for deletion Deletion of file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.2\UWA6PU_0001_N91M2107NetInstaller.exe failed! Could not process line: C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.2\UWA6PU_0001_N91M2107NetInstaller.exe Status: 0xc000003a Could not open file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.3\UWA6PU_0001_N91M2107NetInstaller.exe for deletion Deletion of file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.3\UWA6PU_0001_N91M2107NetInstaller.exe failed! Could not process line: C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.3\UWA6PU_0001_N91M2107NetInstaller.exe Status: 0xc000003a Could not open file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.4\UWA6PU_0001_N91M2107NetInstaller.exe for deletion Deletion of file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.4\UWA6PU_0001_N91M2107NetInstaller.exe failed! Could not process line: C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.4\UWA6PU_0001_N91M2107NetInstaller.exe Status: 0xc000003a Could not open file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.5\UWA6PU_0001_N91M2107NetInstaller.exe for deletion Deletion of file C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.5\UWA6PU_0001_N91M2107NetInstaller.exe failed! Could not process line: C:\WINDOWS\DOWNLOADED PROGRAM FILES\CONFLICT.5\UWA6PU_0001_N91M2107NetInstaller.exe Status: 0xc000003a File C:\WINDOWS\Downloaded Program Files\metabar.dll not found! 
Deletion of file C:\WINDOWS\Downloaded Program Files\metabar.dll failed! Could not process line: C:\WINDOWS\Downloaded Program Files\metabar.dll Status: 0xc0000034 File C:\WINDOWS\gvcasinos.ini not found! Deletion of file C:\WINDOWS\gvcasinos.ini failed! Could not process line: C:\WINDOWS\gvcasinos.ini Status: 0xc0000034 File C:\WINDOWS\system32\getuigja.exe not found! Deletion of file C:\WINDOWS\system32\getuigja.exe failed! Could not process line: C:\WINDOWS\system32\getuigja.exe Status: 0xc0000034 File C:\WINDOWS\system32\dluaovjj.dll not found! Deletion of file C:\WINDOWS\system32\dluaovjj.dll failed! Could not process line: C:\WINDOWS\system32\dluaovjj.dll Status: 0xc0000034 File C:\WINDOWS\system32\mcrh.tmp not found! Deletion of file C:\WINDOWS\system32\mcrh.tmp failed! Could not process line: C:\WINDOWS\system32\mcrh.tmp Status: 0xc0000034 File C:\WINDOWS\system32\vcluduxr.exe not found! Deletion of file C:\WINDOWS\system32\vcluduxr.exe failed! Could not process line: C:\WINDOWS\system32\vcluduxr.exe Status: 0xc0000034 File C:\WINDOWS\system32\stera.log not found! Deletion of file C:\WINDOWS\system32\stera.log failed! Could not process line: C:\WINDOWS\system32\stera.log Status: 0xc0000034 Folder C:\Programme\WinAntiVirus Pro 2006 not found! Deletion of folder C:\Programme\WinAntiVirus Pro 2006 failed! Could not process line: C:\Programme\WinAntiVirus Pro 2006 Status: 0xc0000034 Folder C:\Programme\VSToolbar not found! Deletion of folder C:\Programme\VSToolbar failed! Could not process line: C:\Programme\VSToolbar Status: 0xc0000034 Folder C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\SearchToolbarCorp not found! Deletion of folder C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\SearchToolbarCorp failed! Could not process line: C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\SearchToolbarCorp Status: 0xc0000034 Folder C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006 not found! 
Deletion of folder C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006 failed! Could not process line: C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006 Status: 0xc0000034 Folder C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\WinAntiVirus Pro 2006 not found! Deletion of folder C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\WinAntiVirus Pro 2006 failed! Could not process line: C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\WinAntiVirus Pro 2006 Status: 0xc0000034 Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinSoftware not found! Deletion of folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinSoftware failed! Could not process line: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinSoftware Status: 0xc0000034 Folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006 not found! Deletion of folder C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006 failed! Could not process line: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinAntiVirus Pro 2006 Status: 0xc0000034 Could not open folder C:\Programme\Common Files\Companion Wizard for deletion Deletion of folder C:\Programme\Common Files\Companion Wizard failed! Could not process line: C:\Programme\Common Files\Companion Wizard Status: 0xc000003a Registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ualaca not found! Deletion of registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ualaca failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winowl32 not found! Deletion of registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winowl32 failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006 not found! 
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinAntiVirus Pro 2006 failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WA6P_is1 failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\WinAntiVirus Pro 2006 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\WinAntiVirus Pro 2006 failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\SupportUninstall\WinAntiVirus Pro 2006 not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\SupportUninstall\WinAntiVirus Pro 2006 failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178F3FB-2560-458f-BDEE-631E2FE0DFE4} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B2A3156E-3332-4b47-AF5A-5B121503514F} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B646F5E2-0A48-421d-AC91-F96C92BFC17A} not found! 
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B646F5E2-0A48-421d-AC91-F96C92BFC17A} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E69F0D6A-1C69-4A04-8709-5EAC2019D9BE} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E69F0D6A-1C69-4A04-8709-5EAC2019D9BE} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5141620-C2B2-4d95-9F0F-134D99C87AB0} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0903FECD-7F7A-4790-A819-A3CE08416732} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0903FECD-7F7A-4790-A819-A3CE08416732} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85C99188-BEFD-4c61-A54B-5D7CB0204C1E} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{85C99188-BEFD-4c61-A54B-5D7CB0204C1E} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B32FE740-8B67-409A-BCA8-3297263C354E} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B32FE740-8B67-409A-BCA8-3297263C354E} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1234890A-5E6E-4867-8136-CA6F1456B235} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{732B6533-7F78-4C47-9C01-2979BA0829B9} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FC0B8EB8-AE24-4FD6-B479-E2B464F32DA6} not found! 
Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FC0B8EB8-AE24-4FD6-B479-E2B464F32DA6} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{367A86A5-D048-4785-86BE-4E2706AAFDD9} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{2BC32EF8-BB73-4099-BB2E-0F2951B3E276} failed! Status: 0xc0000034 Completed script processing. ******************* Finished! Terminate.
_______
The following error messages appeared: Syntax error in line -- does not appear to be a valid registry path. Line will be ignored. Press OK to log error and continue or cancel to abort Error code :o Line : HKEY_CURRENT_USER/Software/Win Antivirus Pro 2006 First step completed the Avenger has been successfully .. [i.e. just the end, with the reboot]
What did I do wrong? And besides, I can no longer get onto the Internet in normal Windows mode :/ |
|
|
||
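An added example, not part of the original thread and not The Avenger's own code: the "Status:" values in the log above are Windows NTSTATUS codes, and sorting the failed deletions by code shows which entries were simply not there and which point to a mistake in the script. The sample lines are copied from the log above; the status names come from the Windows header ntstatus.h, and the function names and verdict labels are hypothetical.

```python
import re
from collections import defaultdict

# NTSTATUS codes that occur in the Avenger log above, with their names from
# ntstatus.h and a triage verdict (the verdict labels are this example's own).
NTSTATUS = {
    0xC0000034: ("STATUS_OBJECT_NAME_NOT_FOUND", "absent"),
    0xC000003A: ("STATUS_OBJECT_PATH_NOT_FOUND", "path-missing"),
    0xC00000BA: ("STATUS_FILE_IS_A_DIRECTORY", "wrong-type"),
}

# One failure record: "Deletion of <kind> <target> failed! ... Status: 0x........".
# The tempered dot stops the match from running into the next record, so the
# pattern works both on the original line-per-message log and on the flattened
# form in which the log was pasted into the thread.
FAILURE = re.compile(
    r"Deletion of (registry key|file|folder) (.+?) failed!"
    r"(?:(?!Deletion of ).)*?Status: (0x[0-9a-fA-F]{8})",
    re.DOTALL,
)

# Sample input: four records copied from the log in the post above.
SAMPLE_LOG = r"""
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware failed! Status: 0xc0000034
Error: C:\Dokumente und Einstellungen\Ben 1907\.exe is a folder, not a file! Deletion of file C:\Dokumente und Einstellungen\Ben 1907\.exe failed! Could not process line: C:\Dokumente und Einstellungen\Ben 1907\.exe Status: 0xc00000ba
Could not open folder C:\Programme\Common Files\Companion Wizard for deletion Deletion of folder C:\Programme\Common Files\Companion Wizard failed! Could not process line: C:\Programme\Common Files\Companion Wizard Status: 0xc000003a
File C:\WINDOWS\system32\dluaovjj.dll not found! Deletion of file C:\WINDOWS\system32\dluaovjj.dll failed! Could not process line: C:\WINDOWS\system32\dluaovjj.dll Status: 0xc0000034
"""


def parse_failures(log_text):
    """Return one dict per failed deletion found in an Avenger log."""
    records = []
    for kind, target, status in FAILURE.findall(log_text):
        code = int(status, 16)
        # Codes outside the table are not guessed at; they are flagged for review.
        name, verdict = NTSTATUS.get(code, ("UNKNOWN", "review"))
        records.append({
            "kind": kind,
            "target": " ".join(target.split()),  # normalise wrapped whitespace
            "status": code,
            "name": name,
            "verdict": verdict,
        })
    return records


def triage(log_text):
    """Group the failed targets by verdict."""
    groups = defaultdict(list)
    for rec in parse_failures(log_text):
        groups[rec["verdict"]].append(rec["target"])
    return dict(groups)


def needs_attention(log_text):
    """Failures that are not explained by the target being absent already."""
    return [r for r in parse_failures(log_text) if r["verdict"] != "absent"]


if __name__ == "__main__":
    for verdict, targets in triage(SAMPLE_LOG).items():
        print(f"{verdict}: {len(targets)}")
        for t in targets:
            print(f"    {t}")
```

Read this way, the long run of 0xc0000034 entries means the listed keys and files did not exist when the script ran, while the ".exe" entry failed because the script listed a folder under the files to delete.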
22.10.2006, 20:07
Honorary member
Posts: 29434 |
#6
Do a System Restore from safe mode, going back as far as possible, then post the ComboFix log again + the 6 logs from datfindbat.
System Restore: Start -> Help and Support (Hilfe und Support) -> go to the option "Undo changes to your computer with System Restore" ("Computeränderungen mit der Systemwiederherstellung rückgängig machen"). There you choose: "Restore my computer to an earlier time" ("Computer zu einem früheren Zeitpunkt wiederherstellen") -> Next. The dates shown in bold in the calendar are the restore points that have been set. _______________________________________________________________ is for me: Quote Error: C:\Dokumente und Einstellungen\Ben 1907\.exe is a folder, not a file! __________ Kind regards, Sabina all about PC security |
|
|
||
23.10.2006, 01:53
Member
Thread starter Posts: 12 |
#7
OK, now we come to a small problem, Sabinchen [first of all, a huge thank-you for your help! I think without it I would simply format my whole PC out of desperation and be very sad and stressed (=> stress makes you ill, so you are also doing my health good XD)]
I tried to do this System Restore. The thing is [I had almost expected this beforehand] that I haven't really changed anything special on my PC, apart from installing Gothic 3 and Sims Pets. So I selected 17 October [there is no earlier date :/]. But after the System Restore the message came up that nothing had been changed except that Gothic 3 was installed. But I also think the vundo.gen trojan is gone ... at any rate I no longer get any antivirus alert. Meaning: my actual problem is solved. The only thing that bothers me is that I can no longer get onto the Internet in normal mode :/ What could be causing that? Yesterday [when the PC was still half working] I couldn't get online because of ZoneLab [which I installed out of desperation because of vundo.gen], because ZoneLab is a firewall program. I then uninstalled ZoneLab and could get onto the Internet again. Any tips? |
|
|
||
23.10.2006, 08:49
Honorary member
Posts: 29434 |
#8
First of all, post the 6 logs from datfindbat and the ComboFix log; I want to see whether there are viruses on the machine despite the System Restore.
If ZoneAlarm is a problem, then don't use it .. or configure it correctly. __________ Kind regards, Sabina all about PC security |
|
|
||
23.10.2006, 14:57
Member
Thread starter Posts: 12 |
#9
OK Sabine, will do
Could you then perhaps also look in the logs to see why I no longer have Internet in normal mode? Thanks again
Ben 1907 - 06-10-23 14:48:14,00 Service Pack 2 ComboFix 06.10.19 - Running from: "C:\Dokumente und Einstellungen\Ben 1907\Desktop\reparier dings" ((((((((((((((((((((((((((((((( Files Created from 2006-09-23 to 2006-10-23 )))))))))))))))))))))))))))))))))) 2006-10-22 18:51 3,991 --a------ C:\avexport.bat 2006-10-18 00:55 57,384 --a------ C:\WINDOWS\system32\avsda.dll 2006-10-18 00:55 32,768 --a------ C:\WINDOWS\system32\drivers\avgntdd.sys 2006-10-18 00:55 14,848 --a------ C:\WINDOWS\system32\drivers\avgntmgr.sys 2006-10-17 02:31 223,128 --a------ C:\WINDOWS\system32\drivers\vaxscsi.sys 2006-10-17 01:42 271,360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys 2006-10-17 01:42 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys 2006-10-17 01:40 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll 2006-10-17 01:40 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll 2006-10-14 16:00 216,064 --a------ C:\WINDOWS\iun3405.exe 2006-10-13 17:21 2,368 --a------ C:\WINDOWS\system32\SVKP.sys 2006-10-09 00:40 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2006-10-09 00:40 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2006-10-09 00:40 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2006-09-30 23:39 <DIR> d-------- C:\Dokumente und Einstellungen\Ben 1907\.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-23 01:33 -------- d-------- C:\Programme\MSN Messenger 2006-10-23 01:33 -------- d-------- C:\Programme\CleanUp! 
2006-10-23 01:33 -------- d-------- C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\Azureus 2006-10-19 21:29 -------- d--h----- C:\Programme\InstallShield Installation Information 2006-10-19 02:22 -------- d-------- C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\FrostWire 2006-10-18 00:55 -------- d-------- C:\Programme\AntiVir PersonalEdition Classic 2006-10-18 00:49 -------- d-------- C:\Programme\Canon 2006-10-17 02:27 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2006-10-14 16:03 -------- d-------- C:\Programme\Project64 1.6 2006-10-14 16:01 -------- d-------- C:\Programme\Snes9x 2006-10-13 19:17 -------- d-------- C:\Programme\Google 2006-10-13 19:17 -------- d-------- C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\Google 2006-10-10 15:47 -------- d---s---- C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\Microsoft 2006-10-05 14:04 149160 --a------ C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\GDIPFONTCACHEV1.DAT 2006-10-02 18:58 24072 --a------ C:\WINDOWS\system32\uxtuneup.dll 2006-09-19 21:59 56 -r-hs---- C:\WINDOWS\system32\3C63827CAD.sys 2006-09-19 21:59 3766 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2006-09-17 21:57 -------- d-------- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard 2006-09-17 21:54 -------- d-a------ C:\Programme\Gemeinsame Dateien 2006-09-17 20:01 34308 --a------ C:\WINDOWS\system32\bassmod.dll 2006-09-17 19:28 -------- d-------- C:\Programme\Gemeinsame Dateien\Buhl Data Service 2006-09-17 16:14 -------- d-------- C:\Programme\Gemeinsame Dateien\DLE 2006-09-17 16:09 -------- d-------- C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\Lavasoft 2006-09-17 04:37 33792 --a------ C:\WINDOWS\system32\cmdlgde.dll 2006-09-17 04:33 125712 --a------ C:\WINDOWS\system32\vb6de.dll 2006-09-17 04:25 24848 -ra------ C:\WINDOWS\system32\msdart32.dll 2006-09-17 04:24 158208 --a------ C:\WINDOWS\system32\mscmcde.dll 2006-09-16 13:20 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 
2006-09-15 22:00 -------- d-------- C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\Xfire 2006-09-15 18:30 -------- d-------- C:\Dokumente und Einstellungen\Ben 1907\Anwendungsdaten\AdobeUM 2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-07-23 15:16 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "STYLEXP"="C:\\Programme\\TGTSoft\\StyleXP\\StyleXP.exe -Hide" "msnmsgr"="\"C:\\Programme\\MSN Messenger\\msnmsgr.exe\" /background" "MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.5.0_08\\bin\\jusched.exe\"" "SoundMan"="SOUNDMAN.EXE" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit" "zBrowser Launcher"="d:\\Programme\\Logitech\\iTouch\\iTouch.exe" "Logitech Utility"="Logi_MwX.Exe" "ISUSPM Startup"="C:\\PROGRA~1\\GEMEIN~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup" "avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000001 
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Die derzeitige Homepage" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "ClearRecentDocsOnExit"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] 
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe" "LogitechSoftwareUpdate"="C:\\Programme\\Logitech\\Video\\ManifestEngine.exe boot" "MsnMsgr"="\"C:\\Programme\\MSN Messenger\\MsnMsgr.Exe\" /background" "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "updateMgr"="\"C:\\Programme\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_8 -reboot 1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "iTunesHelper"="\"D:\\Programme\\iTunes\\iTunesHelper.exe\"" "LogitechVideoRepair"="C:\\Programme\\Logitech\\Video\\ISStart.exe " "LogitechVideoTray"="C:\\Programme\\Logitech\\Video\\LogiTray.exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "ISUSScheduler"="\"C:\\Programme\\Gemeinsame Dateien\\InstallShield\\UpdateService\\issch.exe\" -start" "ISUSPM Startup"="C:\\PROGRA~1\\GEMEIN~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Klick-Wartung.job Completion time: 06-10-23 14:48:41.57 C:\ComboFix.txt ... 06-10-23 14:48 C:\ComboFix2.txt ... 06-10-22 16:11 Datfindbat system32 ///////////////////////// Volume in Laufwerk C: hat keine Bezeichnung. 

23.10.2006, 15:39
Honorary member
Posts: 29434
#10
1. Make hidden and system files visible: http://virus-protect.org/invisible.html
2. C:\Dokumente und Einstellungen\Ben 1907\.exe -> delete it and empty the recycle bin, then restart the computer
3. Scan and post the scan report: http://virus-protect.org/cureit.html
__________
Regards, Sabina
All about PC security

23.10.2006, 19:57
Member
Thread starter, Posts: 12
#11
Hey Sabine
Back to the Internet problem. I have already uninstalled ZoneAlarm, and in normal mode I still can't get onto the Internet :/ Did I maybe delete something important for the Internet with avenger?
So, I think this is the report:
backup-22.10.2006-17.54.59,85.zip\avenger/dluaovjj.dll C:\avenger\backup-22.10.2006-17.54.59,85.zip Trojan.Virtumod
backup-22.10.2006-17.54.59,85.zip\avenger/getuigja.exe C:\avenger\backup-22.10.2006-17.54.59,85.zip Trojan.LowZones.177
backup-22.10.2006-17.54.59,85.zip\avenger/UWA6PU_0001_N91M2107NetInstaller.exe C:\avenger\backup-22.10.2006-17.54.59,85.zip Trojan.DownLoader.10963
backup-22.10.2006-17.54.59,85.zip\avenger/vcluduxr.exe C:\avenger\backup-22.10.2006-17.54.59,85.zip Adware.SearchColours
backup-22.10.2006-17.54.59,85.zip\avenger/VSToolbar/VSToolBar.dll C:\avenger\backup-22.10.2006-17.54.59,85.zip Adware.SearchColours
backup-22.10.2006-17.54.59,85.zip C:\avenger Archiv enthält infizierte Objekte Gelöscht.
A0062507.dll C:\System Volume Information\_restore{0D791A4F-A155-486A-9E14-72D58A54D6B5}\RP193 Adware.Duncan Gelöscht.
A0063585.dll C:\System Volume Information\_restore{0D791A4F-A155-486A-9E14-72D58A54D6B5}\RP193 Trojan.Virtumod Gelöscht.
A0063586.exe C:\System Volume Information\_restore{0D791A4F-A155-486A-9E14-72D58A54D6B5}\RP193 Trojan.LowZones.177 Gelöscht.
A0063589.exe C:\System Volume Information\_restore{0D791A4F-A155-486A-9E14-72D58A54D6B5}\RP193 Trojan.DownLoader.10963 Gelöscht.
A0063590.exe C:\System Volume Information\_restore{0D791A4F-A155-486A-9E14-72D58A54D6B5}\RP193 Adware.SearchColours Gelöscht.
A0063591.dll C:\System Volume Information\_restore{0D791A4F-A155-486A-9E14-72D58A54D6B5}\RP193 Adware.SearchColours Gelöscht.
A0024854.dll F:\System Volume Information\_restore{2C088A87-FC22-4807-9148-110EEB2BB4C7}\RP128 Adware.SaveNow Gelöscht.

24.10.2006, 11:35
Honorary member
Posts: 29434
#12
Avenger only deleted the viruses.....
You can try a System Restore, and then we will start the cleanup from the beginning.
__________
Regards, Sabina
All about PC security

24.10.2006, 15:40
Member
Thread starter, Posts: 12
#13
The System Restore thing doesn't work :/
No matter which date I select, the computer doesn't perform a System Restore. [Meaning: I click a date, then Next, then the warning appears that I should save everything etc. etc., then Windows does get "half shut down" and a System Restore is carried out => but then, after the restart, the message appears that nothing was changed.]
What else can I do now? I have already searched for viruses, spyware, worms etc. with several programs [Spybot Search and Destroy, CCleaner, HDCleaner, Ad-Aware SE Personal, CleanUp!, Dr.Web].
Here is my HijackThis log from safe mode:
Logfile of HijackThis v1.99.1
Scan saved at 15:45:13, on 24.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Dokumente und Einstellungen\Ben 1907\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
O2 - BHO: (no name) - {71FCA290-4D7D-4D0C-82E6-F005A348E663} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {849B9523-785F-4014-9CAF-079FB4A74C61} - (no file)
O2 - BHO: (no name) - {F5DA88C1-C34D-45C3-954E-4C49ECBE9658} - (no file)
O3 - Toolbar: (no name) - {2685A3D0-1459-45EE-8426-5B8CF98899A8} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [zBrowser Launcher] d:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [SpIDerMail] "D:\Programme\DrWeb\spiderml.exe"
O4 - HKLM\..\Run: [DrWebScheduler] "D:\Programme\DrWeb\DRWEBSCD.EXE"
O4 - HKLM\..\Run: [SpIDerNT] D:\PROGRA~1\DrWeb\spidernt.exe /agent
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://www.giga.de/giga-stream-test/Rawflow.cab
O16 - DPF: {2685A3D0-1459-45EE-8426-5B8CF98899A8} - http://www.metacrawler1.de/metabar/metabar.cab
O18 - Protocol: bw+0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - (no file)
O18 - Protocol: offline-8876480 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SpIDer Guard for Windows NT (spidernt) - Doctor Web, Ltd. - D:\PROGRA~1\DrWeb\SpiderNT.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Aaaah, what I'm just seeing here: something from ZoneLabs is still there! How do I get rid of it?
This post was edited by Baldessarini on 24.10.2006 at 15:47.

24.10.2006, 17:07
Honorary member
Posts: 29434
#14
To open the service management console explicitly, enter under
Start - Run: services.msc
Disable ZoneAlarm - TrueVector Internet Monitor (vsmon)
then uninstall ZoneAlarm
---------------------------------
Fix with HijackThis:
Quote:
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
__________
Regards, Sabina
All about PC security
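
The kind of entry quoted for fixing above (a registration whose target reads "(no file)") can be picked out of a HijackThis log mechanically. The following Python is an added example, not part of the original posts and not HijackThis code; the function names are hypothetical, and the sample is a shortened excerpt of the log posted in #13.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Shortened excerpt of the HijackThis v1.99.1 log posted in #13 (not the full log).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 15:45:13, on 24.10.2006
Running processes:
C:\WINDOWS\Explorer.EXE
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
O3 - Toolbar: (no name) - {2685A3D0-1459-45EE-8426-5B8CF98899A8} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O18 - Protocol: bw+0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - (no file)
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""

# An entry line starts with a section code such as R0, O2 or O23, then " - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


@dataclass
class Entry:
    code: str             # section code, e.g. "O2"
    label: str            # first field, e.g. "BHO: (no name)"
    clsid: Optional[str]  # upper-cased CLSID if the line carries one
    target: str           # last " - "-separated field: file path, URL or marker
    flags: List[str]      # triage hints, empty when nothing stands out


def parse_line(line: str) -> Optional[Entry]:
    """Parse one log line; header lines and process paths return None."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    code, body = m.group("code"), m.group("body")
    fields = [f.strip() for f in body.split(" - ")]
    clsid = CLSID_RE.search(body)
    target = fields[-1]
    flags = []
    if target == "(no file)":
        flags.append("no-file")        # registration left behind, file is gone
    elif target.endswith("(file missing)"):
        flags.append("file-missing")   # path recorded, but nothing at that path
    if code == "O23" and "Unknown owner" in fields:
        flags.append("unknown-owner")  # no vendor reported: look closer, not a verdict
    return Entry(code, fields[0], clsid.group(0).upper() if clsid else None,
                 target, flags)


def parse_log(text: str) -> List[Entry]:
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def triage(entries: List[Entry]) -> List[Entry]:
    """Entries worth a manual look before deciding what to fix."""
    return [e for e in entries if e.flags]


def collapse(entries: List[Entry]) -> List[Tuple[Entry, int]]:
    """Fold repeats of the same (section, CLSID, target), e.g. the O18 run."""
    groups = {}
    for e in entries:
        key = (e.code, e.clsid, e.target)
        if key in groups:
            groups[key][1] += 1
        else:
            groups[key] = [e, 1]
    return [(e, n) for e, n in groups.values()]


if __name__ == "__main__":
    for e in triage(parse_log(SAMPLE_LOG)):
        print(f"{e.code:<4}{','.join(e.flags):<14}{e.clsid or '-':<40}{e.target}")
```

A flag only marks an entry for review; whether it is a leftover of removed malware or of an uninstalled program still has to be judged per entry.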

24.10.2006, 20:29
Member
Thread starter, Posts: 12
#15
Phew, it works again ... I found instructions on the Internet for completely uninstalling ZoneAlarm ... finally. That thing is never going on my computer again.
So Sabine, thank you sooo much! Can I actually be sure now that the trojan is gone? And do you maybe have a few tips [links, downloads etc.] on how I can protect my PC securely? I don't know much about this :/

First of all: I know that there are other threads and information about vundo.gen on Google or in the forum, but my problem is a somewhat different one and I also have a different HijackThis log file.
I currently have huge problems with my PC and simply don't know how to solve them.
Partly also because I don't know PCs very well [at least not the expert stuff].
I would be really grateful for any help.
1. I constantly get the antivirus alert from AntiVir: "TR/vundo.gen"
If you click delete, nothing happens, and ignoring doesn't help either, because it comes back after 2 minutes.
The affected file is the only file in my Config folder, "ualaca.dll".
In any case, I just can't get rid of the thing.
2. So, after the vundo.gen thing had been going on for about a week and I simply couldn't get rid of it, my PC now only half works. If you start Windows normally, it doesn't really work at all: you can't start anything, can't click the taskbar and can't click any folders either. In safe mode I can't do much either; suddenly the whole PC freezes etc. etc.
I would be very glad of your help.
Here is my HijackThis log:
Quote:
Logfile of HijackThis v1.99.1
Scan saved at 22:41:14, on 19.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RunDLL32.exe
D:\Programme\Logitech\iTouch\iTouch.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
d:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\TGTSoft\StyleXP\StyleXP.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\iPod\bin\iPodService.exe
D:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\WinRAR\WinRAR.exe
C:\WINDOWS\system32\svchost.exe
C:\DOKUME~1\*****\LOKALE~1\Temp\Rar$EX00.703\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: Metacrawler - {2685A3D0-1459-45EE-8426-5B8CF98899A8} - C:\WINDOWS\Downloaded Program Files\metabar.dll
O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Programme\VSToolbar\VSToolBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [zBrowser Launcher] d:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://www.giga.de/giga-stream-test/Rawflow.cab
O16 - DPF: {2685A3D0-1459-45EE-8426-5B8CF98899A8} (Metacrawler) - http://www.metacrawler1.de/metabar/metabar.cab
O18 - Protocol: bw+0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {CDF8D752-A117-467E-B29A-565EF0C3AC87} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firewall service (FWSvc) - Unknown owner - C:\Programme\WinAntiVirus Pro 2006\FWSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe