
Log analysis and evaluation: 2 iexplorer

17.10.2006, 23:00   #1
kaiser81

2 iexplorer

Hello!

I have a small problem with 2 iexplorers!

Logfile of HijackThis v1.99.1

Scan saved at 23:13:11, on 17.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programme\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\Programme\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/de/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [64 CLOCK DEBUG BOLT] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\soft curb 64 clock\BoneSettings.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [kav] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\RunServices: [Winphx service] aanwzh.exe
O4 - HKCU\..\Run: [team link] C:\DOKUME~1\***~1\ANWEND~1\INTRAR~1\Hope Kind Funk.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158685365687
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D95A8F-1BA0-4720-BD62-5C89EDB88D84}: NameServer =
O18 - Protocol: bw+0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Please evaluate.

In my opinion the culprits are Bonesettings.exe and Hope Kind Funk.exe.

Many thanks in advance.

Edited by kaiser81 (17.10.2006 at 23:06)

19.10.2006, 07:31   #2
nochdigger

2 iexplorer

Hi there,

You have already correctly identified the Swizzor, but more on that later.

Make all files and hidden folders visible:
Start --> Settings --> Control Panel --> Folder Options --> View -->
uncheck - Hide extensions for known file types -
uncheck - Hide protected operating system files -
check - Display the contents of system folders -
under Hidden files and folders - show all files and folders -
--> Apply

Search for the following file:
aanwzh.exe
and have it checked here:
Virustotal
or here:
Jotti
(this can take a little while),
then post the results together with the size of the uploaded file,
even if nothing was found.

Best regards


19.10.2006, 13:52   #3
kaiser81

Swizzor! Requesting HJT logfile evaluation

Hello!

I had installed netbumper and got the Swizzor on my computer as a result. Because of that I have 2 constantly active iexplorers that cannot be killed. I followed your instructions and am now posting my HJT logfile. I hope you can help me further.

I just noticed that my post has already been answered! Many thanks.


Logfile of HijackThis v1.99.1
Scan saved at 14:38:31, on 19.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://google.bearshare.com/de/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [64 CLOCK DEBUG BOLT] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\soft curb 64 clock\BoneSettings.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [kav] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\RunServices: [Winphx service] aanwzh.exe
O4 - HKCU\..\Run: [team link] C:\DOKUME~1\***~1\ANWEND~1\INTRAR~1\Hope Kind Funk.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158685365687
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D95A8F-1BA0-4720-BD62-5C89EDB88D84}: NameServer =
O18 - Protocol: bw+0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
19.10.2006, 14:51   #4
kaiser81

First of all, thanks a lot!

I searched my computer and did not find any such exe. The only thing that showed up was in the Temporary Internet Files folder:

srchasst.htm?SearchText=aanwzh.exe

What should I do???

19.10.2006, 15:27   #5
Alanis

Quote:
Quote from kaiser81
in my opinion the culprits are Bonesettings.exe and Hope Kind Funk.exe

I share that opinion; at the very least these are two processes that look decidedly odd. What happens if you take the two of them out of autorun?


19.10.2006, 16:25   #6
Sunny
Administrator
> Competence Manager

Quote:
Quote from kaiser81
I searched my computer and did not find any such exe. The only thing that showed up was in the Temporary Internet Files folder:

srchasst.htm?SearchText=aanwzh.exe

What should I do???

Hello,

1.)
What should you do? READ, UNDERSTAND! & ACT ON IT!
After all, "nochdigger" wrote that you should have the file analysed!
So go to the following page -> Virustotal, look for the file -> aanwzh.exe, select it and then click the "SEND" button! (Wait until the scan has finished, then select the result, copy it and paste it into a post here.)

2.) After that, read through the following link -> Swizzor.A removal

The entries that apply to you are the following:

Quote:
O4 - HKLM\..\Run: [64 CLOCK DEBUG BOLT] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\soft curb 64 clock\BoneSettings.exe
O4 - HKCU\..\Run: [team link] C:\DOKUME~1\***~1\ANWEND~1\INTRAR~1\Hope Kind Funk.exe

Regards,
Sunny

19.10.2006, 17:31   #7
kaiser81

Hi Sunny!

First of all, thanks for your help (yours and everyone's).

I did understand that. The problem is that I don't have the file in question on my computer, so I can't have it scanned at all.

19.10.2006, 17:37   #8
Sunny
Administrator
> Competence Manager

Quote:
Quote from kaiser81
I did understand that. The problem is that I don't have the file in question on my computer, so I can't have it scanned at all.

In your second-to-last post you wrote that there was a file in the Temp. Internet Files; has it now "disappeared"?

Otherwise, scan your system with eScan; for instructions see my signature.

Regards
__________________
Requests by e-mail, profile message or private message will be ignored!
Help is given ONLY in the forum!

Stulti est se ipsum sapientem putare.

19.10.2006, 17:49   #9
kaiser81

Hi!

srchasst.htm?SearchText=aanwzh.exe is an htm file, not an exe.

I'll give eScan a try.

19.10.2006, 18:00   #10
kaiser81

I submitted the Temporary Internet Files, where something involving the exe in question was found, for scanning.


Complete scanning result of "Temporary_Internet_Files", received in VirusTotal at 10.19.2006, 18:53:41 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.31 10.19.2006 no virus found
Authentium 4.93.8 10.19.2006 no virus found
Avast 4.7.892.0 10.19.2006 no virus found
AVG 386 10.19.2006 no virus found
BitDefender 7.2 10.19.2006 no virus found
CAT-QuickHeal 8.00 10.19.2006 no virus found
ClamAV devel-20060426 10.19.2006 no virus found
DrWeb 4.33 10.19.2006 no virus found
eTrust-InoculateIT 23.73.28 10.19.2006 no virus found
eTrust-Vet 30.3.3143 10.19.2006 no virus found
Ewido 4.0 10.19.2006 no virus found
Fortinet 2.82.0.0 10.19.2006 no virus found
F-Prot 3.16f 10.19.2006 no virus found
F-Prot4 4.2.1.29 10.19.2006 no virus found
Ikarus 0.2.65.0 10.19.2006 no virus found
Kaspersky 4.0.2.24 10.19.2006 no virus found
McAfee 4877 10.19.2006 no virus found
Microsoft 1.1603 10.19.2006 no virus found
NOD32v2 1.1816 10.19.2006 no virus found
Norman 5.80.02 10.19.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.101 10.19.2006 no virus found
UNA 1.83 10.19.2006 no virus found
VBA32 3.11.1 10.19.2006 no virus found
VirusBuster 4.3.7:9 10.19.2006 no virus found

Aditional Information
File size: 0 bytes
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709

Edited by kaiser81 (19.10.2006 at 18:06)
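The "Aditional Information" lines of the report above can be checked mechanically: a size of 0 bytes together with digests equal to those of empty input means the scanners were given no file content. The following Python is an added example, not part of the thread; the function names are hypothetical and the second report is constructed for comparison.

```python
import hashlib
import re

# Digests of zero bytes of input, computed locally rather than hard-coded.
EMPTY_DIGESTS = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
}

# Tail of the report quoted in the post above (spelling as in the report).
REPORT_FROM_POST = """\
Aditional Information
File size: 0 bytes
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
"""

# Constructed counter-example: size and digests of the 4-byte input b"test".
REPORT_CONSTRUCTED = """\
File size: 4 bytes
MD5: 098f6bcd4621d373cade4e832627b4f6
SHA1: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
"""

FIELD_RE = re.compile(r"^(File size|MD5|SHA1):\s*(\S+)",
                      re.IGNORECASE | re.MULTILINE)


def parse_submission_info(report):
    """Extract file size and digests from the report's trailing fields."""
    info = {}
    for name, value in FIELD_RE.findall(report):
        key = name.lower().replace(" ", "_")
        if key == "file_size":
            # Drop thousands separators such as "1.024" or "1,024".
            info[key] = int(re.sub(r"\D", "", value))
        else:
            info[key] = value.lower()
    return info


def empty_submission_reasons(info):
    """Return every indication that the scanned object had no content."""
    reasons = []
    if info.get("file_size") == 0:
        reasons.append("file size is 0 bytes")
    for algo, empty in EMPTY_DIGESTS.items():
        if info.get(algo) == empty:
            reasons.append(f"{algo.upper()} equals the digest of empty input")
    return reasons


def verdict(report):
    """Summarise whether a clean result says anything about the file."""
    reasons = empty_submission_reasons(parse_submission_info(report))
    if reasons:
        return "no content scanned: " + "; ".join(reasons)
    return "content was scanned"


if __name__ == "__main__":
    print(verdict(REPORT_FROM_POST))
    print(verdict(REPORT_CONSTRUCTED))
```

A "no virus found" column attached to an empty submission carries no information about the file that was meant to be uploaded.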

19.10.2006, 18:04   #11
kaiser81

Quote:
Quote from Alanis
I share that opinion; at the very least these are two processes that look decidedly odd. What happens if you take the two of them out of autorun?

I did that and they are no longer shown in Task Manager.
Whether that was really everything, I rather doubt.

Thanks anyway.

19.10.2006, 22:01   #12
nochdigger

Hi again

Are you having all files and folders displayed, as I described?
If not, please do so now.

Download datFind.bat, proceed as described there, copy only the last 3 months and post them.

Post a current HijackThis log again.

Regards

19.10.2006, 22:28   #13
kaiser81

Hi

I set everything to be displayed, as you described.

Here are the datfind.bat logs first:

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: A8FF-3F1F

Verzeichnis von C:\WINDOWS\system32

19.10.2006 21:30 2.422 wpa.dbl
19.10.2006 21:28 81.200 nvapps.xml
19.10.2006 21:28 664 d3d9caps.dat
16.10.2006 22:34 0 cmmgr32.exe
11.10.2006 14:43 320.424 perfh007.dat
11.10.2006 14:43 49.372 perfc007.dat
11.10.2006 14:43 314.644 perfh009.dat
11.10.2006 14:43 40.972 perfc009.dat
11.10.2006 14:43 725.674 PerfStringBackup.INI
04.10.2006 22:03 9.639.336 MRT.exe
02.10.2006 21:04 806.912 divx_xx07.dll
02.10.2006 21:04 806.912 divx_xx0c.dll
02.10.2006 21:04 790.528 divx_xx11.dll
02.10.2006 21:04 635.486 DivX.dll
01.10.2006 14:51 2.422 wpa.bak
28.09.2006 20:49 2.388 lvcoinst.log
28.09.2006 20:47 193.776 FNTCACHE.DAT
26.09.2006 14:26 7.006 jupdate-1.5.0_06-b05.log
24.09.2006 19:53 8.775 jupdate-1.5.0_08-b03.log
19.09.2006 21:08 249 spupdwxp.log
19.09.2006 19:06 0 h323log.txt
19.09.2006 18:41 0 TFTP2896
19.09.2006 18:40 0 TFTP2400
19.09.2006 18:17 25.065 wmpscheme.xml
19.09.2006 18:14 266 $winnt$.inf
19.09.2006 18:11 2.951 CONFIG.NT
19.09.2006 18:11 16.832 amcompat.tlb
19.09.2006 18:11 23.392 nscompat.tlb
19.09.2006 18:10 488 WindowsLogon.manifest
19.09.2006 18:10 488 logonui.exe.manifest
19.09.2006 18:10 749 sapi.cpl.manifest
19.09.2006 18:10 749 wuaucpl.cpl.manifest
19.09.2006 18:10 749 cdplayer.exe.manifest
19.09.2006 18:10 749 ncpa.cpl.manifest
19.09.2006 18:10 749 nwc.cpl.manifest
19.09.2006 18:09 21.740 emptyregdb.dat
13.09.2006 07:02 1.084.416 msxml3.dll
04.09.2006 08:12 1.494.016 shdocvw.dll
01.09.2006 16:14 65.536 QuickTimeVR.qtx
01.09.2006 16:14 49.152 QuickTime.qts
25.08.2006 17:46 617.472 comctl32.dll
21.08.2006 14:26 16.896 fltlib.dll
21.08.2006 11:14 23.040 fltmc.exe
16.08.2006 17:55 208.896 NVUNINST.EXE
16.08.2006 13:58 100.352 6to4svc.dll
11.08.2006 21:45 2.953.216 nvvitvsr.dll
11.08.2006 21:45 2.904.064 nvvitvs.dll
11.08.2006 21:45 888.832 nvmobls.dll
11.08.2006 21:45 2.859.008 nvmoblsr.dll
11.08.2006 21:45 458.752 nvmccssr.dll
11.08.2006 21:45 1.732.608 nvwssr.dll
11.08.2006 21:45 188.416 nvmccss.dll
11.08.2006 21:45 1.236.992 nvwss.dll
11.08.2006 21:45 2.928.640 nvgamesr.dll
11.08.2006 21:45 3.039.232 nvgames.dll
11.08.2006 21:45 5.251.072 nvdispsr.dll
11.08.2006 21:45 5.611.520 nvdisps.dll
11.08.2006 21:45 45.056 nvmccsrs.dll
11.08.2006 21:45 229.376 nvmccs.dll
11.08.2006 21:45 581.632 nvhwvid.dll
11.08.2006 21:45 266.240 nvrsesm.dll
11.08.2006 21:45 249.856 nvrshu.dll
11.08.2006 21:45 249.856 nvrssl.dll
11.08.2006 21:45 249.856 nvrssk.dll
11.08.2006 21:45 258.048 nvrsko.dll
11.08.2006 21:44 249.856 nvrsno.dll
11.08.2006 21:44 323.584 nvrshe.dll
11.08.2006 21:44 262.144 nvrsja.dll
11.08.2006 21:44 249.856 nvrspl.dll
11.08.2006 21:44 249.856 nvrstr.dll
11.08.2006 21:44 266.240 nvrspt.dll
11.08.2006 21:44 241.664 nvrscs.dll
11.08.2006 21:44 323.584 nvrsar.dll
11.08.2006 21:44 274.432 nvrsel.dll
11.08.2006 21:44 147.456 nvcolor.exe
11.08.2006 21:44 274.432 nvrses.dll
11.08.2006 21:43 245.760 nvrssv.dll
11.08.2006 21:43 241.664 nvrsfi.dll
11.08.2006 21:43 221.184 nvrszhc.dll
11.08.2006 21:43 245.760 nvrsda.dll
11.08.2006 21:43 274.432 nvrsit.dll
11.08.2006 21:43 262.144 nvrsptb.dll
11.08.2006 21:43 270.336 nvrsde.dll
11.08.2006 21:43 241.664 nvrseng.dll
11.08.2006 21:43 122.880 nvrszht.dll
11.08.2006 21:43 266.240 nvrsnl.dll
11.08.2006 21:43 278.528 nvrsfr.dll
11.08.2006 21:43 262.144 nvrsru.dll
11.08.2006 21:43 196.608 nvapi.dll
11.08.2006 21:43 81.920 nvwddi.dll
11.08.2006 21:43 86.016 nvmctray.dll
11.08.2006 21:43 7.630.848 nvcpl.dll
11.08.2006 21:43 69.632 nvcpl.cpl
11.08.2006 21:43 73.728 nvtuicpl.cpl
11.08.2006 21:43 1.662.976 nvwdmcpl.dll
11.08.2006 21:43 1.019.904 nvwimg.dll
11.08.2006 21:43 282.624 nvwrsar.dll
11.08.2006 21:43 286.720 nvnt4cpl.dll
11.08.2006 21:43 286.720 nvwrscs.dll
11.08.2006 21:43 294.912 nvwrsda.dll
11.08.2006 21:43 442.368 nvappbar.exe
11.08.2006 21:43 335.872 nvwrsel.dll
11.08.2006 21:43 286.720 nvwrseng.dll
11.08.2006 21:43 335.872 nvwrses.dll
11.08.2006 21:43 327.680 nvwrsesm.dll
11.08.2006 21:43 303.104 nvwrsfi.dll
11.08.2006 21:43 327.680 nvwrsfr.dll
11.08.2006 21:43 278.528 nvwrshe.dll
11.08.2006 21:43 315.392 nvwrshu.dll
11.08.2006 21:43 323.584 nvwrsit.dll
11.08.2006 21:43 425.984 keystone.exe
11.08.2006 21:43 212.992 nvwrsja.dll
11.08.2006 21:43 196.608 nvwrsko.dll
11.08.2006 21:43 319.488 nvwrsnl.dll
11.08.2006 21:43 466.944 nvshell.dll
11.08.2006 21:43 299.008 nvwrsno.dll
11.08.2006 21:43 294.912 nvwrspl.dll
11.08.2006 21:43 323.584 nvwrspt.dll
11.08.2006 21:43 311.296 nvwrsde.dll
11.08.2006 21:43 319.488 nvwrsptb.dll
11.08.2006 21:43 315.392 nvwrsru.dll
11.08.2006 21:43 299.008 nvwrssk.dll
11.08.2006 21:43 303.104 nvwrssl.dll
11.08.2006 21:43 294.912 nvwrssv.dll
11.08.2006 21:43 303.104 nvwrstr.dll
11.08.2006 21:43 163.840 nvwrszhc.dll
11.08.2006 21:43 167.936 nvwrszht.dll
11.08.2006 21:43 1.470.464 nview.dll
11.08.2006 21:43 311.296 nvexpbar.dll
11.08.2006 21:43 1.339.392 nvdspsch.exe
11.08.2006 21:43 794.624 nvcplui.exe
11.08.2006 21:43 1.519.616 nwiz.exe
11.08.2006 21:43 1.011.712 nvcpluir.dll
11.08.2006 21:42 5.636.096 nvoglnt.dll
11.08.2006 21:42 4.496.128 nv4_disp.dll
11.08.2006 21:42 155.715 nvsvc32.exe
11.08.2006 21:42 16.960 nvdisp.nvu
11.08.2006 21:42 208.896 nvudisp.exe
11.08.2006 21:42 35.840 nvcod.dll
11.08.2006 21:42 35.840 nvcodins.dll
11.08.2006 01:03 73.728 dpl100.dll
11.08.2006 01:03 196.608 dtu100.dll


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: A8FF-3F1F

Verzeichnis von C:\DOKUME~1\RAMONL~1\LOKALE~1\Temp

19.10.2006 22:29 9.486 jusched.log
19.10.2006 22:29 939 jupdate1.5.0.xml
19.10.2006 21:30 16.384 Perflib_Perfdata_81c.dat
19.10.2006 19:14 163.840 ~DFF60F.tmp
19.10.2006 15:33 24.370 LVCOMSX.LOG
19.10.2006 14:05 247.760 avg7inst.log
19.10.2006 13:57 0 JETFF47.tmp
19.10.2006 13:57 0 JETF10E.tmp
19.10.2006 13:56 16.384 Perflib_Perfdata_128.dat
17.10.2006 18:21 163.840 ~DF14C2.tmp
17.10.2006 00:00 188 tosup.log
11.10.2006 16:16 797.676 IMTC.xml
11.10.2006 16:16 426 IMTB.xml
11.10.2006 16:16 2.036 IMTA.xml
11.10.2006 14:21 107.797 BWInstall.log
11.10.2006 14:21 2.633 logitech-ldm-postinst-action.log
11.10.2006 14:20 24.613 IadHide5.dll
11.10.2006 14:20 30.768 BWDump.log
11.10.2006 14:20 720 logitech-ldm-preinst-action.log
07.10.2006 18:28 10.538 control.xml
06.10.2006 07:42 244 1F1205F7.TMP
05.10.2006 00:31 0 TempCover12
05.10.2006 00:11 701 TWAIN.LOG
05.10.2006 00:11 2 Twain001.Mtx
05.10.2006 00:11 156 Twunk001.MTX
05.10.2006 00:09 0 aax94.tmp
05.10.2006 00:09 0 aax93.tmp
05.10.2006 00:09 0 aax92.tmp
04.10.2006 23:56 0 TempCover11
04.10.2006 22:22 0 CacheInfo.dnl
04.10.2006 22:18 0 TempCover10
01.10.2006 14:31 17.304 hpilog03.txt
01.10.2006 14:31 1.452 hpistr.hpi
01.10.2006 14:25 433 hpfpdi00.log
01.10.2006 14:25 758 hpzcoi08.log
01.10.2006 14:25 2.528 hpzcoi07.log
01.10.2006 14:25 606 hpzcon00.log
01.10.2006 14:25 468 hpzghoul00.log
01.10.2006 14:25 343 hpzpin00.log
01.10.2006 14:25 596 hpzcoi06.log
01.10.2006 14:25 596 hpzcoi05.log
01.10.2006 14:25 596 hpzcoi04.log
01.10.2006 14:25 596 hpzcoi03.log
01.10.2006 14:25 596 hpzcoi02.log
01.10.2006 14:25 596 hpzcoi01.log
01.10.2006 14:25 596 hpzcoi00.log
01.10.2006 14:20 38.658 hpilog02.txt
01.10.2006 14:19 17.304 hpilog01.txt
01.10.2006 14:19 12.575 hpilog00.txt
30.09.2006 00:25 3.734 msiutil(1).log
28.09.2006 22:32 797.676 IMT74.xml
28.09.2006 22:32 426 IMT73.xml
28.09.2006 22:32 2.036 IMT72.xml
28.09.2006 20:14 9.576 Microsoft Office 2003 Setup(0001).txt
28.09.2006 20:14 411.832 Microsoft Office 2003 Setup(0001)_Task(0001).txt
28.09.2006 20:10 49.467 offcln11.log
26.09.2006 16:20 4.003 qtplugin.log
26.09.2006 16:18 7.760 QTInstallCode.log
26.09.2006 15:44 634 MSI1c3f3.LOG
26.09.2006 15:16 2.486 cg_logo05.gif
26.09.2006 14:26 876 java_install_reg.log
26.09.2006 14:26 158.680 java_install.log
26.09.2006 14:26 57.856 777ee.mst
26.09.2006 14:04 1.017 radarcache-default.gif
26.09.2006 14:04 25.214 dat32.tmp
26.09.2006 13:17 31 searchurl_en_us.txt
26.09.2006 13:01 793.172 tmp.xpi
26.09.2006 00:26 0 Twunk002.MTX
25.09.2006 23:57 450.560 bis7.exe
24.09.2006 23:18 0 TempCover9
24.09.2006 23:12 0 TempCover8
24.09.2006 23:09 0 TempCover7
24.09.2006 23:07 0 TempCover6
24.09.2006 23:05 0 TempCover5
24.09.2006 22:48 0 TempCover4
24.09.2006 22:45 0 TempCover3
24.09.2006 22:42 0 TempCover2
24.09.2006 19:48 3.584 1e0ea04.mst
21.09.2006 12:03 0 7f35.tmp
21.09.2006 12:02 0 tmz4.tmp
21.09.2006 12:00 0 6m43.tmp
21.09.2006 11:59 0 oia2.tmp
19.09.2006 22:18 450.048 4c7f3.mst
19.09.2006 22:09 409 WGANotify.settings
19.09.2006 19:01 16.384 Perflib_Perfdata_190.dat
28.07.2006 07:52 1.081.856 GoogleInstall.dll



Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: A8FF-3F1F

Verzeichnis von C:\WINDOWS

19.10.2006 22:09 680 win.ini
19.10.2006 21:29 1.165.653 WindowsUpdate.log
19.10.2006 21:29 159 wiadebug.log
19.10.2006 21:29 50 wiaservc.log
19.10.2006 21:28 0 0.log
19.10.2006 21:28 2.048 bootstat.dat
19.10.2006 21:25 16.086 SchedLgU.Txt
19.10.2006 18:36 227 system.ini
19.10.2006 16:27 116 NeroDigital.ini
19.10.2006 14:14 54.156 QTFont.qfn
18.10.2006 00:36 211 uno.ini
18.10.2006 00:21 869.868 setupapi.log
15.10.2006 15:35 30.828 spupdsvc.log
15.10.2006 05:36 167.974 tsoc.log
15.10.2006 05:36 92.090 ntdtcsetup.log
15.10.2006 05:36 153.218 comsetup.log
15.10.2006 05:36 66.125 iis6.log
15.10.2006 05:36 23.790 ocmsn.log
15.10.2006 05:36 1.393 imsins.log
15.10.2006 05:36 12.437 KB924191.log
15.10.2006 05:36 219.796 ocgen.log
15.10.2006 05:36 21.826 msgsocm.log
15.10.2006 05:36 424.450 FaxSetup.log
15.10.2006 05:36 18.647 updspapi.log
15.10.2006 05:36 1.393 imsins.BAK
15.10.2006 05:36 12.251 KB922819.log
15.10.2006 05:36 11.420 KB923414.log
15.10.2006 05:36 11.420 KB924496.log
15.10.2006 05:36 7.298 KB911564.log
15.10.2006 05:36 40.793 wmsetup.log
15.10.2006 05:35 8.770 KB923191.log
11.10.2006 14:21 179 LDM.log
11.10.2006 14:20 118.784 bwUnin-7.2.0.137-8876480SL.exe
11.10.2006 14:20 86 KE.log
11.10.2006 14:20 189.085 setupact.log
05.10.2006 01:57 1.409 QTFont.for
01.10.2006 14:52 851.300 setuplog.txt
28.09.2006 20:46 101 msxmlcab.log
28.09.2006 20:46 316.640 WMSysPr9.prx
28.09.2006 20:12 400 ODBC.INI
27.09.2006 21:12 13.624 KB925486.log
26.09.2006 15:06 2.871 mozver.dat
26.09.2006 14:57 176 wininit.ini
26.09.2006 13:52 521 GEARInstall.log
19.09.2006 22:11 37.536 KB899587.log
19.09.2006 22:11 36.141 KB885835.log
19.09.2006 22:11 35.458 KB885836.log
19.09.2006 22:11 37.285 KB920214.log
19.09.2006 22:11 33.048 KB921883.log
19.09.2006 22:11 26.655 KB917734.log
19.09.2006 22:10 36.007 KB911927.log
19.09.2006 22:10 35.248 KB922616.log
19.09.2006 22:10 35.503 KB901017.log
19.09.2006 22:10 35.823 KB899591.log
19.09.2006 22:10 35.435 KB920685.log
19.09.2006 22:10 36.011 KB896424.log
19.09.2006 22:10 35.937 KB893756.log
19.09.2006 22:10 35.039 KB911280.log
19.09.2006 22:10 34.437 KB911562.log
19.09.2006 22:09 31.593 KB896423.log
19.09.2006 22:09 36.722 KB900485.log
19.09.2006 22:09 33.509 KB917159.log
19.09.2006 22:09 32.545 KB873339.log
19.09.2006 22:09 24.018 WgaNotify.log
19.09.2006 22:09 34.174 KB921398.log
19.09.2006 22:09 34.231 KB887472.log
19.09.2006 22:08 33.665 KB896358.log
19.09.2006 22:08 27.283 KB910437.log
19.09.2006 22:08 39.871 KB918899.log
19.09.2006 22:08 29.738 KB920670.log
19.09.2006 22:08 29.153 KB891781.log
19.09.2006 22:08 32.318 KB918439.log
19.09.2006 22:08 40.022 KB902400.log
19.09.2006 22:07 2.072 vminst.log
19.09.2006 22:07 27.019 KB890046.log
19.09.2006 22:07 31.233 KB920872.log
19.09.2006 22:07 26.632 KB919007.log
19.09.2006 22:07 26.933 KB914388.log
19.09.2006 22:06 26.293 KB917344.log
19.09.2006 22:06 25.477 KB905414.log
19.09.2006 22:06 24.746 KB917953.log
19.09.2006 22:06 24.418 KB901214.log
19.09.2006 22:06 24.572 KB917422.log
19.09.2006 22:06 18.763 KB922582.log
19.09.2006 22:05 22.426 KB888302.log
19.09.2006 22:05 24.315 KB900725.log
19.09.2006 22:05 22.251 KB912919.log
19.09.2006 22:05 15.667 KB886185.log
19.09.2006 22:05 24.538 KB916595.log
19.09.2006 22:05 21.477 KB904706.log
19.09.2006 22:05 21.754 KB908531.log
19.09.2006 22:04 21.320 KB905749.log
19.09.2006 22:04 21.129 KB913580.log
19.09.2006 22:04 19.570 KB896428.log
19.09.2006 22:04 23.683 KB911567.log
19.09.2006 22:04 23.702 KB894391.log
19.09.2006 22:04 18.162 KB908519.log
19.09.2006 22:04 18.450 KB920683.log
19.09.2006 22:04 17.932 KB914389.log
19.09.2006 22:04 18.934 KB890859.log
19.09.2006 21:20 4.522 WGA.log
19.09.2006 21:10 360 DtcInstall.log
19.09.2006 21:09 1.174 OEWABLog.txt
19.09.2006 21:06 410.036 svcpack.log
19.09.2006 21:03 200 cmsetacl.log
19.09.2006 21:02 1.330 sessmgr.setup.log
19.09.2006 20:53 613 medctroc.Log
19.09.2006 19:38 3.283 KB835409.log
19.09.2006 19:18 6.038 KB842773.log
19.09.2006 19:18 6.366 KB893803v2.log
19.09.2006 19:18 7.087 KB898461.log
19.09.2006 19:06 0 Sti_Trace.log
19.09.2006 19:04 1.348 regopt.log
19.09.2006 19:03 0 setuperr.log
19.09.2006 18:42 0 nsreg.dat
19.09.2006 18:22 1.114 Windows Update.log
19.09.2006 18:18 3.317 Ascd_tmp.ini
19.09.2006 18:15 8.192 REGLOCS.OLD
19.09.2006 18:11 0 control.ini
19.09.2006 18:11 299.552 WMSysPrx.prx
19.09.2006 18:11 4.161 ODBCINST.INI
19.09.2006 18:10 749 WindowsShell.Manifest
19.09.2006 18:08 36 vb.ini
19.09.2006 18:08 37 vbaddin.ini



19.10.2006 13:26 16.384 ~DFEDA5.tmp
18.10.2006 21:42 16.384 ~DFFAC7.tmp
18.10.2006 00:45 16.384 ~DFF0F7.tmp
18.10.2006 00:27 16.384 ~DFFB64.tmp
17.10.2006 22:50 16.384 ~DFEEBB.tmp
17.10.2006 18:07 16.384 ~DFF6D5.tmp
17.10.2006 01:15 16.384 ~DFF237.tmp
15.10.2006 05:36 596 hpzcoi05.log
15.10.2006 05:36 596 hpzcoi04.log
01.10.2006 14:25 758 hpzcoi03.log
01.10.2006 14:25 1.013 hpzcoi02.log
01.10.2006 14:24 596 hpzcoi01.log
01.10.2006 14:24 596 hpzcoi00.log
28.09.2006 20:49 880 CamServr.log
28.09.2006 20:49 54.475 CamWizrd.log
28.09.2006 20:45 444 InstVid.log
28.09.2006 20:45 359 Instmed.log
1026 Datei(en) 8.138.289 Bytes
0 Verzeichnis(se), 10.386.657.280 Bytes frei


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: A8FF-3F1F

Verzeichnis von C:\WINDOWS\Downloaded Program Files

19.09.2006 18:10 65 desktop.ini
26.05.2005 04:19 291 wuweb.inf
20.01.2000 15:25 1.162 Microsoft XML Parser for Java.osd
14.10.1997 18:52 697 DirectAnimation Java Classes.osd
4 Datei(en) 2.215 Bytes
0 Verzeichnis(se), 10.386.690.048 Bytes frei


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: A8FF-3F1F

Verzeichnis von C:\

19.10.2006 23:20 0 sys.txt
19.10.2006 23:19 484 down.txt
19.10.2006 23:16 56.530 tmp.txt
19.10.2006 23:15 8.776 system.txt
19.10.2006 23:12 6.274 systemtemp.txt
19.10.2006 23:07 99.224 system32.txt
19.10.2006 21:28 1.206.067.200 pagefile.sys
19.10.2006 21:07 1.603 hpfr5550.log
19.10.2006 18:36 211 boot.ini
18.10.2006 00:22 2.078 TDSLCheck.txt
17.10.2006 00:00 430 TO_InstallLog.txt
28.09.2006 20:44 183 LogiSetup.log
19.09.2006 20:57 47.564 NTDETECT.COM
19.09.2006 20:57 251.184 ntldr
19.09.2006 18:11 0 IO.SYS
19.09.2006 18:11 0 CONFIG.SYS
19.09.2006 18:11 0 AUTOEXEC.BAT
19.09.2006 18:11 0 MSDOS.SYS
29.08.2002 14:00 4.952 bootfont.bin
19 Datei(en) 1.206.546.693 Bytes
0 Verzeichnis(se), 10.386.685.952 Bytes frei

19.10.2006, 22:30   #14
kaiser81

And since it's so much fun, here is the HJT logfile:

Logfile of HijackThis v1.99.1
Scan saved at 23:23:07, on 19.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRAMME\MOZILLA FIREFOX\FIREFOX.EXE
C:\Programme\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://google.bearshare.com/de/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [kav] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\RunServices: [Winphx service] aanwzh.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1158685365687
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2D95A8F-1BA0-4720-BD62-5C89EDB88D84}: NameServer =
O18 - Protocol: bw+0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {3E696448-0505-43C2-BFF2-91CC1C100057} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

19.10.2006, 22:31   #15
kaiser81

2 iexplorer

Hope that helps.

THX
