Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   IE startet von alleine um Werbung zu zeigen. (https://www.trojaner-board.de/35324-ie-startet-alleine-um-werbung-zeigen.html)

Mr-Fresh 14.01.2007 15:15
IE startet von alleine um Werbung zu zeigen.
 
Hallo Board,

bin neu hier und ich entschuldige mich schon mal dafür das hier zum Xten mal dieses Thema poste, aber in den anderen threads habe ich nichts gefunden was mir helfen konnte.
Nun mein problem ist das mein Explorer von allen startet und mir werbung anzeigt was ich gar nicht will!Ich habe dieses problem seit dem ich Netpumper+Anit-Leech runtergeladen habe. Beim spy-adware suche habe ich Netpumper aufgespürt und entfernt glaube ich, aber da ich voll der noob bin in sachen PC bin ich mir nicht sicher. Ich hoffe mir kann einer helfen.


Logfile of HijackThis v1.99.1
Scan saved at 15:11:43, on 14.01.2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\Programme\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Gemeinsame Dateien\AOL\1168771949\ee\AOLSoftware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\programme\gemeinsame dateien\aol\1168771949\ee\services\antiSpywareApp\ver2_0_31_1\AOLSP Scheduler.exe
c:\programme\gemeinsame dateien\aol\1168771949\ee\aolsoftware.exe
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Dokumente und Einstellungen\***\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.de/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [pingcreativewindowfree] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iso inside ping creative\IsoBend.exe
O4 - HKLM\..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\AOL\1168771949\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Programme\Gemeinsame Dateien\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [FINDNURB] C:\DOKUME~1\***\ANWEND~1\atomheck\ping mode warn.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar-Suche - c:\programme\aol\aol toolbar 2.0\resources\de-DE\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162839224654
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED3FD309-F8BF-4945-90C2-696D42A2F874}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: hpdj - Unknown owner - C:\DOKUME~1\***\LOKALE~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Sunny 14.01.2007 15:19
Hallo. :)


1.) Besuche folgende Website und spiel alle Updates und Service Packs ein!!!
Microsoft!

Warum fehlen diese überhaupt??? :confused:

2.)
Entfernung Swizzor.A


* Als erstes folgende Anleitung gut durchlesen und Schritt für Schritt abarbeiten
-> Entfernung Swizzor.A

* Dann die entsprechenden Einträge fixen, relevant sind bei dir folgende:

Zitat:
O4 - HKLM\..\Run: [pingcreativewindowfree] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iso inside ping creative\IsoBend.exe
O4 - HKCU\..\Run: [FINDNURB] C:\DOKUME~1\***\ANWEND~1\atomheck\ping mode warn.exe
* Poste im Anschluss nochmal ein neues Hijacklog

Sunny ;)

Mr-Fresh 14.01.2007 15:56
Also den Punkt 3 habe ich nicht ganz verstanden mit O2 und O4 was bei mir zutrifft.:confused:

Sunny 14.01.2007 15:58
Zitat:
Zitat von Mr-Fresh (Beitrag 248950)
Also den Punkt 3 habe ich nicht ganz verstanden mit O2 und O4 was bei mir zutrifft.:confused:
Ich habe doch garkeinen 3. Punkt genannt? :confused:

Du meintest sicherlich den 2.ten. ;)
Was hast du daran nicht verstanden? Hast du dir überhaupt die Anleitung bzw. den Link durchgelesenden ich gepostet habe? :confused:

Wenn nicht, dann bitte durchlesen...

Mr-Fresh 14.01.2007 16:00
Punkt 3 Das hier.

Zitat:
3.) Normalerweise hat Swizzor mindesten zwei Einträge, einen O2 und einen O4 Eintrag, diese verweisen immer auf Ordner in folgendem Pfad:
C:\DOKUMENTE UND EINSTELLUNGEN\*USER*\ANWENDUNGSDATEN\*beliebiger Ordnername*

*User* Steht für einen beliebigen Benutzer, kann aber auch den Pfad "All Users" meinen.

Häufig werden die Ordnernamen bei HijackThis abgekürzt, das sieht dann folgendermaßen aus:
C:\DOKUME~1 (~1 steht also für beliebig folgende Buchstaben oder Zahlen)

Mal ein paar Beispieleinträge, damit ihr wißt nach was ihr suchen müßt:

O2 - BHO: (no name) - {4774DFA6-2A34-46A1-AD67-A81DC29573FB} - C:\DOKUME~1\*User*\ANWEND~1\EXITSI~1\shimwipe.exe
O2 - BHO: (no name) - {C434066A-AFBD-C484-4679-77547D40E815} - C:\DOKUME~1\*User*\ANWEND~1\FACEVI~1\bleh live.exe
O4 - HKLM\..\Run: [plan load film pop] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OkayDrawPlanLoad\dale kind.exe
O4 - HKLM\..\Run: [01FlagAimDate] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Popcoal01flag\Chic thunk.exe

Sunny 14.01.2007 16:22
In der Anleitung stehen nur Beispiele, ICH habe dir die Einträge herausgesucht die in deinem Logfile zu sehen sind, nun musst du nur noch nach Anleitung handeln! :rolleyes:

Zitat:
O4 - HKLM\..\Run: [pingcreativewindowfree] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iso inside ping creative\IsoBend.exe

O4 - HKCU\..\Run: [FINDNURB] C:\DOKUME~1\***\ANWEND~1\atomheck\ping mode warn.exe

Mr-Fresh 14.01.2007 16:36
Mal die neue Log Datei


Logfile of HijackThis v1.99.1
Scan saved at 16:34:50, on 14.01.2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\Programme\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Gemeinsame Dateien\AOL\1168771949\ee\AOLSoftware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\programme\gemeinsame dateien\aol\1168771949\ee\services\antiSpywareApp\ver2_0_31_1\AOLSP Scheduler.exe
c:\programme\gemeinsame dateien\aol\1168771949\ee\aolsoftware.exe
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Dokumente und Einstellungen\Olcay\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.de/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\AOL\1168771949\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Programme\Gemeinsame Dateien\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar-Suche - c:\programme\aol\aol toolbar 2.0\resources\de-DE\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162839224654
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED3FD309-F8BF-4945-90C2-696D42A2F874}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: hpdj - Unknown owner - C:\DOKUME~1\Olcay\LOKALE~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Sunny 14.01.2007 16:48
Ok, der Swizzor scheint weg zu sein, aber was mir immer noch zu denken gibt es das hier:

Zitat:
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Warum sind immer noch keine Updates eingespielt? :confused:

Lies dir mal das hier durch -> Kompromittierung durch fehlendes SP2

Dieses könnte (und wird!) bei dir auch schon der Fall sein... :schmoll:
Also, woran liegt es?

Ich denke mal an einer nicht legalen Versin von Windows. :rolleyes:

Mr-Fresh 15.01.2007 17:17
So wie es aussieht liegt es an dieser datei hier:
O4 - HKCU\..\Run: [FINDNURB] C:\DOKUME~1\***\ANWEND~1\atomheck\ping mode warn.exe
Wenn ich es fixe geht die werbung weg, nur es findet immer wieder ein weg und kommt zurück dann fängt die werbung wieder an. Kann mir vielleicht einer sagen was die abkürzung HKCU\..\Run: bedeutet damit ich es in der regedit löschen kann?

Mr-Fresh 15.01.2007 19:06
http://img389.imageshack.us/img389/509/unbenanntlb6.png

nochdigger 15.01.2007 22:31
mOIn auch

lese die Anleitung zum Swizzor noch mal genau, dort stehen so sachen wie - abgesicherter Modus - und - löscht dort die betrefenden Ordner - in deinem Fall - C:\DOKUME~1\***\ANWEND~1\atomheck\ - und - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iso inside ping creative\ - .

MFG

Mr-Fresh 16.01.2007 16:28
Ich verstehe das nicht ich bekomme es einfach nicht weg, habe alles gemacht wie beschrieben. Schaut selber die log datei.


Logfile of HijackThis v1.99.1
Scan saved at 16:23:34, on 16.01.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\Programme\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Gemeinsame Dateien\AOL\1168771949\ee\AOLSoftware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
c:\programme\gemeinsame dateien\aol\1168771949\ee\services\antiSpywareApp\ver2_0_31_1\AOLSP Scheduler.exe
c:\programme\gemeinsame dateien\aol\1168771949\ee\aolsoftware.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\Programme\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Dokumente und Einstellungen\***\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.de/
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\AOL\1168771949\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Programme\Gemeinsame Dateien\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [FINDNURB] C:\DOKUME~1\***\ANWEND~1\atomheck\ping mode warn.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar-Suche - c:\programme\aol\aol toolbar 2.0\resources\de-DE\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162839224654
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED3FD309-F8BF-4945-90C2-696D42A2F874}: NameServer = 205.188.146.145
O18 - Protocol: bw+0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {6AB6EB9A-8A28-4E73-A750-B224EEE3E393} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: hpdj - Unknown owner - C:\DOKUME~1\***\LOKALE~1\Temp\hpdj.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Die datei kommt immer wieder, ist hartnäckig.:schrei:

Sunny 16.01.2007 18:02
Hallo. :)

Wenn du es garnicht weg bekommst, versuch es mal damit:

Anleitung Avenger:


1.) Lade dir das Tool Avenger und speichere es auf dem Desktop:
http://virus-protect.org/artikel/bilder/avanger.png

2.) Klicke nun auf die Option „Input Script manually“ -> klicke jetzt auf die Lupe und kopiere folgenden Text rein:
Zitat:
Folder to delete:
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iso inside ping creative
C:\DOKUME~1\All Users\ANWEND~1\atomheck
3.) Klicke nun auf die „grüne Ampel“, das Script fängt an zu arbeiten.
http://virus-protect.org/artikel/bilder/avenger4.png
4.) Danach das System unverzüglich neu starten lassen
5.) Lass HijackThis nochmal laufen, erstelle und poste ein neues HijackThis Logfile.
Poste ausserdem den Inhalt der C:\avenger.txt Datei.

Gruß
Sunny


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:02 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129