Home » Spyware & Browser Hijacker Support Forum » awtss.dll nicht löschbar » Themenansicht

awtss.dll nicht löschbar
#0
23.12.2006, 16:10
Kingslayer
...neu hier

Beiträge: 2
#1 Ich habe Windows Xp mit service pack 2

diese Datei wird von meinem virenscanner(anti vir) als möglicher virus erkannt jegliche versuche sie zu löschen scheitereten auch nicht mit hijackthis .
ich kann nicht mehr arbeiten da mein virenscanner immer wenn ich etwas machen will mir diese warnung zeigt und ich dann erst auf ok klicken muss und sonst NIX machen kann


Logfile of HijackThis v1.99.1
Scan saved at 16:30:14, on 23.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE
C:\Programme\Razer\Copperhead\razerhid.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Razer\Copperhead\razerofa.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Valve\Steam\Steam.exe
C:\Programme\WinTV\Ir.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Fabian\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {FA47D1F7-1B54-49CF-9476-71A8683FD951} - C:\WINDOWS\system32\awtss.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [diagent] C:\Programme\Creative\SBLive\Diagnostics\diagent.exe startup
O4 - HKLM\..\Run: [EPSON Stylus Photo RX500] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0K2.EXE /P24 "EPSON Stylus Photo RX500" /O5 "LPT1:" /M "Stylus Photo RX500"
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [razer] C:\Programme\Razer\CopperHead\razerhid.exe
O4 - HKLM\..\Run: [Copperhead] C:\Programme\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [Steam.exe] C:\Programme\Valve\Steam\Steam.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: phase6_Erinnerung.lnk = C:\Programme\phase6\phase6_V1_5\WinStart\WinStart.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100455678437
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB
O18 - Protocol: bw+0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: Festoon - (no CLSID) - (no file)
O18 - Protocol: offline-8876480 - {CE6A7FEF-3E3B-4499-AC6A-B5E53467DFA1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: ,
O20 - Winlogon Notify: awtss - C:\WINDOWS\system32\awtss.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\MV\TightVNC\WinVNC.exe" -service (file missing)
O23 - Service: WMDM PMSP Service - Unknown owner - C:\WINDOWS\System32\MsPMSPSv.exe (file missing)

Mein Problem ist die Datei im Ordner awtss.dll


ich habe den cleaner angewendet


hier die datfind.bat angaben

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 1C7A-471C

Verzeichnis von c:\

23.12.2006 16:33 0 dirdat.txt
23.12.2006 15:13 17.294 logmon.log
23.12.2006 15:13 805.306.368 pagefile.sys
24.10.2006 20:26 1.725 SYSTEM.T~
06.12.2005 07:47 2 MSDOS.SYS
01.06.2005 11:20 320 BOOT.INI
01.06.2005 11:11 47.564 NTDETECT.COM
01.06.2005 11:11 251.184 NTLDR
01.06.2005 10:28 303 BOOT.BXP
13.03.2004 11:30 940 debugInstaller.txt
29.02.2004 14:46 40.960 t2j0.1
31.01.2003 13:40 194 BOOT.BKK
28.01.2003 07:32 3.275 DELL.SDR
11.09.2002 12:22 0 CONFIG.SYS
11.09.2002 12:22 0 AUTOEXEC.BAT
11.09.2002 12:22 0 IO.SYS
11.09.2002 11:59 512 BOOTSECT.DOS
29.08.2002 06:00 4.952 BOOTFONT.BIN
18 Datei(en) 805.675.593 Bytes
0 Verzeichnis(se), 14.620.987.392 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 1C7A-471C

Verzeichnis von C:\WINDOWS\system32

23.12.2006 15:49 1.170 WPA.DBL
23.12.2006 15:48 421.653 sstwa.ini
23.12.2006 01:07 277.044 awtss.dll
23.12.2006 00:13 419.607 sstwa.bak1
08.12.2006 00:13 10.716.584 MRT.exe
07.12.2006 17:02 2.174.976 wmvcore.dll
05.12.2006 16:50 4.286 ot.ico
08.11.2006 06:06 679.424 inetcomm.dll
04.11.2006 14:14 1.245.696 msxml4.dll
01.11.2006 09:57 1.138.688 xvidcore.dll
29.10.2006 10:56 374.064 PERFH009.DAT
Dieser Beitrag wurde am 23.12.2006 um 16:18 Uhr von Kingslayer editiert.
Seitenanfang Seitenende
24.12.2006, 01:10
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 Kingslayer

1.
scanne mit vundofix
http://virus-protect.org/artikel/tools/vundofixx.html

2.
Avenger
http://virus-protect.org/artikel/tools/avenger.html
kopiere rein

Zitat

registry keys to delete:
HKLM\SOFTWARE\Classes\CLSID\{FA47D1F7-1B54-49CF-9476-71A8683FD951}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA47D1F7-1B54-49CF-9476-71A8683FD951}
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtss

Files to delete:
C:\WINDOWS\system32\sstwa.ini
C:\WINDOWS\system32\awtss.dll
C:\WINDOWS\system32\sstwa.bak1
C:\WINDOWS\system32\ot.ico

Folders to delete:
C:\Dokumente und Einstellungen\%Username%\Anwendungsdaten\SearchToolbarCorp
C:\Programme\VSAdd-in
Klicke die grüne Ampel
das Script wird nun ausgeführt, dann wird der PC automatisch neustarten

3.
lösche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb

4.
scanne mit smitfraudfix - Option 1 und 2 ( lasse auch die Registry mitreinigen)
http://virus-protect.org/artikel/tools/smitfrautfix.html

5.
scanne mit superantispyware
http://virus-protect.org/artikel/tools/superantispyware.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1