Popups from DriveCleaner, Winantivirus 2006, Security Center, Search the Web and |
||
---|---|---|
#0
| ||
20.05.2007, 12:41
Member
Posts: 3716 |
#16
Now I only need the filelist and the ComboFix log.
|
|
|
||
20.05.2007, 12:47
Member
Posts: 17 |
#17
I just edited that in above... unfortunately I couldn't reply to my own post...
|
|
|
||
20.05.2007, 13:42
Member
Posts: 3716 |
#18
Hi, open My Computer, Tools, Folder Options, View, and set the following there:
- Hide extensions for known file types: off
- Hide protected operating system files: off
- Display the contents of system folders: on
- Show hidden files and folders (all): on
Upload the following files here and post the complete result: http://www.virustotal.com/en/indexf.html
C:\s25g
C:\WINDOWS\system32\blacori.dll
C:\DOKUME~1\MARTIN~1\LOKALE~1\Temp\
tmp1.tmp.exe
tmp2.tmp.exe
tmp1.tmp.dll
DelUS.bat |
|
|
||
20.05.2007, 16:14
Member
Posts: 17 |
#19
Here is the result:
And now? Kind regards, Heike |
|
|
||
28.05.2007, 11:13
Member
Posts: 17 |
#20
Hello Virenfinder,
I'm still stuck here. I hope you're not on holiday... ;-) ... Kind regards, Heike |
|
|
||
28.05.2007, 11:17
Honorary member
Posts: 6028 |
||
|
||
28.05.2007, 11:20
Member
Posts: 17 |
#22
I'm grateful for any help here. I really have no idea...*scratches head*.
Thanks for your offer, Arnold. I'll gladly accept it. |
|
|
||
28.05.2007, 11:24
Honorary member
Posts: 6028 |
#23
OK, remove ComboFix from your computer, then empty the Recycle Bin.
Now install it again as described:
Download ComboFix to the desktop.
Double-click combofix.exe.
Follow the instructions in the window.
While ComboFix is running, do NOT click in the window, otherwise your computer will freeze.
When the tool is finished, a log file (combofix.txt) opens.
Afterwards, post the log file C:\combofix.txt in your next post together with a log from HijackThis.
__________
Regards, Argus |
|
|
||
28.05.2007, 12:16
Member
Posts: 17 |
#24
Hello Arnold,
here is the message from ComboFix:
"C:\WINDOWS\system32\tmp4.tmp.dll"
"C:\WINDOWS\system32\tmp71.tmp.dll"
and the file ComboFix-quarantined-files.txt:
1998-12-02 09:11 143360 --a------ C:\Qoobox\Quarantine\C\WINDOWS\system32\vbuzip10.dll.vir
Now the HijackThis log: |
|
|
||
28.05.2007, 12:19
Honorary member
Posts: 6028 |
||
|
||
28.05.2007, 12:28
Member
Posts: 17 |
#26
Hello Arnold,
unfortunately that's all I have. Only the quarantine file... Do I have to do that again now??? |
|
|
||
28.05.2007, 12:30
Honorary member
Posts: 6028 |
||
|
||
28.05.2007, 12:31
Member
Posts: 17 |
#28
Laughs - I just did that and found it... sorry
"Martin Ströbele" - 2007-05-28 11:36:15 Service Pack 2
ComboFix 07-05.27.V - Running from: "C:\Dokumente und Einstellungen\Martin Ströbele\Desktop\"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
"C:\WINDOWS\system32\tmp4.tmp.dll"
"C:\WINDOWS\system32\tmp71.tmp.dll"

((((((((((((((((((((((((((((((( Files Created from 2007-04-28 to 2007-05-28 ))))))))))))))))))))))))))))))))))
2007-05-27 22:16 106,401 --a------ C:\WINDOWS\ddbxxw.dll
2007-05-20 09:55 106,476 --a------ C:\WINDOWS\urpnnl.dll
2007-05-12 12:44 <DIR> d-------- C:\MAUSJAGD
2007-05-07 21:58 <DIR> d-------- C:\DOKUME~1\MARTIN~1\ANWEND~1\Ringjacker
2007-05-05 12:06 <DIR> d-------- C:\DOKUME~1\MARTIN~1\ANWEND~1\skySpace
2007-05-05 11:38 <DIR> d-------- C:\Programme\ElsterFormular
2007-05-04 20:42 21,895 --------- C:\WINDOWS\system32\blacori.dll
2007-05-03 18:10 933,536 -ra------ C:\WINDOWS\system32\drivers\LV302V32.SYS
2007-05-03 18:10 7,734 -ra------ C:\WINDOWS\system32\Repository.reg
2007-05-03 18:10 527,136 -ra------ C:\WINDOWS\system32\LVUI2RC.dll
2007-05-03 18:10 40,352 -ra------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2007-05-03 18:10 348,160 -ra------ C:\WINDOWS\system\msvcr71.dll
2007-05-03 18:10 264,992 -ra------ C:\WINDOWS\system32\lvcodec2.dll
2007-05-03 18:10 211,744 -ra------ C:\WINDOWS\system32\LVUI2.dll
2007-05-03 18:10 13,344 -ra------ C:\WINDOWS\system32\drivers\lv302af.sys
2007-05-03 18:10 121,632 -ra------ C:\WINDOWS\system32\lvcoinst.dll
2007-05-03 17:57 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
2007-05-03 17:52 <DIR> d-------- C:\Programme\Logitech
2007-05-03 17:52 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Logitech
2007-05-03 17:52 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Logishrd
2007-05-03 17:52 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Logitech
2007-05-03 17:44 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-05-03 17:39 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-05-02 21:21 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Skype
2007-05-02 21:21 <DIR> d-------- C:\DOKUME~1\MARTIN~1\ANWEND~1\Skype
2007-05-02 21:21 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Skype
2007-05-02 21:20 <DIR> d-------- C:\Programme\Skype

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-05-28 09:02:20 -------- d-----w C:\Programme\WLAN Monitor
2007-05-27 15:14:39 -------- d-----w C:\Programme\HotKeys
2007-05-21 20:27:55 -------- d-----w C:\Programme\StarMoney 5.0
2007-05-12 10:45:21 -------- d-----w C:\Programme\QuickTime
2007-05-07 16:55:33 -------- d-----w C:\Programme\AVPersonal
2007-05-07 16:28:59 -------- d--h--w C:\Programme\WindowsUpdate
2007-05-07 16:28:55 -------- d-----w C:\Programme\StarMoney 4.0 S-Edition
2007-05-07 16:28:52 -------- d-----w C:\Programme\StarMoney 3.0 S-Edition
2007-05-07 16:28:43 -------- d-----w C:\Programme\MSN Messenger
2007-05-07 16:28:37 -------- d-----w C:\Programme\Homebanking mit AOL und StarMoney
2007-05-07 16:28:33 -------- d-----w C:\Programme\Gemeinsame Dateien\aol
2007-05-07 16:27:51 -------- d-----w C:\DOKUME~1\MARTIN~1\ANWEND~1\AOL
2007-05-07 16:18:22 -------- d-----w C:\Programme\Windows Live Toolbar
2007-05-05 09:38:44 -------- d--h--w C:\Programme\InstallShield Installation Information
2007-04-04 16:07:26 -------- d-----w C:\Programme\PC Tools Firewall Plus
2007-04-04 16:06:58 37,376 ----a-w C:\WINDOWS\system32\drivers\pctfw.sys
2007-04-04 16:06:57 77,312 ----a-w C:\WINDOWS\system32\drivers\pctfw1.sys
2007-03-25 12:16:34 68,096 ----a-w C:\WINDOWS\system32\perfc007.dat
2007-03-25 12:16:34 398,334 ----a-w C:\WINDOWS\system32\perfh007.dat
2004-08-03 22:58:10 12,288 --sh--w C:\WINDOWS\system32\regsvr32.exe
2004-08-03 22:57:38 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-03 22:57:30 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2001-08-18 12:00:00 94,800 -csh--w C:\WINDOWS\twain.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{3b117fbc-0420-44af-8e14-af70dc3e69a9}=C:\WINDOWS\system32\blacori.dll [2007-05-04 20:42]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 21:33]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Programme\Windows Live Toolbar\msntb.dll [2006-09-27 18:45]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SO5 Integrator Pass Two"="C:\WINDOWS\SOINTGR.EXE" []
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" []
"Share-to-Web Namespace Daemon"="C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" []
"nwiz"="nwiz.exe" [2002-03-09 10:53 C:\WINDOWS\system32\nwiz.exe]
"NvCplDaemon"="NvQTwk" []
"NeroCheck"="C:\WINDOWS\System32\NeroCheck.exe" []
"LWBMOUSE"="C:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe" []
"iKeyWorks"="C:\PROGRA~1\HotKeys\Ikeymain.exe" []
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" []
"RealTray"="C:\Programme\Real\RealPlayer\RealPlay.exe" []
"SunJavaUpdateSched"="C:\Programme\Java\jre1.5.0_05\bin\jusched.exe" []
"wlconfig"="C:\Programme\WLAN Monitor\wlconfig.exe" []
"AVGCtrl"="C:\Programme\AVPersonal\AVGNT.exe" [2007-03-23 20:08]
"ALDI_SUED_FotoSuite_Download"="C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\FotoSuite.exe" [2007-03-23 20:08]
"iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [2007-03-23 20:08]
"QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2007-03-23 20:08]
"PCSuiteTrayApplication"="C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 20:08]
"Adobe Photo Downloader"="C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2007-03-23 20:08]
"PCTools FW"="C:\Programme\PC Tools Firewall Plus\PCTFW.exe" [2007-01-22 10:26]
"LogitechCommunicationsManager"="C:\Programme\Gemeinsame Dateien\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 01:03]
"LogitechQuickCamRibbon"="C:\Programme\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 21:58]
"LVCOMSX"="C:\Programme\Gemeinsame Dateien\Logitech\LComMgr\LVComSX.exe" [2006-11-15 22:01]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE" [2007-03-23 20:08]
"PcSync"="C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-23 20:08]
"MsnMsgr"="C:\Programme\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:55]
"Skype"="C:\Programme\Skype\Phone\Skype.exe" [2007-03-30 13:34]
"LogitechSetup"="G:\Setup\Setup.exe" []
"LDM"="C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-05-03 17:57]
"SysRestore"="C:\DOKUME~1\MARTIN~1\LOKALE~1\Temp\tmp1.tmp.exe" [2007-05-27 17:14]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"msnmsgr"="C:\Programme\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\blacori]
blacori.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=

Contents of the 'Scheduled Tasks' folder
2007-05-28 09:31:00 C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job

********************************************************************
catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-28 12:06:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
********************************************************************

Completion time: 2007-05-28 12:09:01
C:\ComboFix-quarantined-files.txt ... 2007-05-28 12:08
--- E O F ---

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
"C:\WINDOWS\system32\tmp4.tmp.dll"
"C:\WINDOWS\system32\tmp71.tmp.dll"

((((((((((((((((((((((((((((((( Files Created from 28.0-01-07 to 28.05.2007 )))))))))))))))))))))))))))))))))) |
|
|
||
28.05.2007, 12:45
Honorary member
Posts: 6028 |
#29
How does this appear on your computer:
C:\DOKUME~1\MARTIN~1\LOKALE~1\Temp\tmp1.tmp.exe
__________
Regards, Argus |
|
|
||
28.05.2007, 12:47
Member
Posts: 17 |
#30
What do you mean? I don't understand the question...
The exact name is:
C:\Dokumente und Einstellungen\Martin Ströbele\Lokale Einstellungen\Tmp\tmp1.temp.exe
Is that what you mean?
This post was edited by milkalover on 28.05.2007 at 12:55.
|
|
|
||