Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Bios Virus ? (https://www.trojaner-board.de/44174-bios-virus.html)

Eric07 03.10.2007 09:28
Bios Virus ?
 
Hi@all,
bei mir gehts wider rund am PC :(.
Also habe gestern nichts am Pc veränder, wie etwas runtergeladen etc. Wirklich nichts.
Heute morgen kommt jetzt immer nach den FSC Boot Dings dasda :
http://img172.imageshack.us/img172/1470/cimg0002sr1.jpg
Wenn ich einen Knopf drücke, saust es herum und geht wieder in die Grundpostion
Ist echt kein Scherz.
Bin jetzt nur in Windows, weil ich von meiner Windows CD gebootet habe, hier mal das Hijack This Log :
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:47:25, on 03.10.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe
C:\Programme\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe
C:\Programme\Comodo\Firewall\cmdagent.exe
C:\Programme\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\SiteAdvisor\6172\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Dokumente und Einstellungen\Admin\Desktop\HiJackThis202.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.icq.com/start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.audials.com/buynow.php?site=audials&productid=0&affiliate=1a08f4ebe7e2be602256412ed41ed96f&partnerid=0
R3 - URLSearchHook: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programme\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Programme\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programme\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O4 - HKLM\..\Run: [SoundMax] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'Default user')
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\scieplugin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178994744609
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: AusLogics Windows Themes Helper (ALThemeHelper) - Unknown owner - C:\Programme\AusLogics Visual Styler\themehelpersvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Personal Security Suite V (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - Unknown owner - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDSched.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programme\Sandboxie\SbieSvc.exe
O23 - Service: SiteAdvisor-Dienst (SiteAdvisor Service) - Unknown owner - C:\Programme\SiteAdvisor\6172\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WDPOperations - Unknown owner - C:\Programme\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE

--
End of file - 19422 bytes
Muss aber noch was Ergänzen :

Ich hatte das Dings irgendwie schon öfter, habe aber zwischendrin schon sicher 3 mal formatiert und dann war immer eine sehr lange Zeit ruhe.
Aber als ich damals dann in Windows war, war es nur noch im 98er Design, also das kraue und die Systemwiederherstellung war deaktiviert. Jetzt ist es aber nicht so, Geschwindigkeit hat sich auch nicht verändert, eigentlich.
Ich werde jetzt mal neu starten und schauen obs ohne Windows CD noch da ist.

Eric07 03.10.2007 09:38
Also :
ES IST WEG.

Habe nur verändert :
Nur das ThemXPdings aus dem Autostart gemacht und alles was Spybot Search and Destroy gefunden hat gelöscht, waren aber nur Cookies und mehr nicht.
Hier mal ein "neues" Hijack This log :
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:36:35, on 03.10.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe
C:\Programme\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\Sandboxie\SbieSvc.exe
C:\Programme\SiteAdvisor\6172\SAService.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\Programme\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Analog Devices\SoundMAX\Smax4.exe
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe
C:\Programme\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Admin\Desktop\HiJackThis202.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.icq.com/start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.audials.com/buynow.php?site=audials&productid=0&affiliate=1a08f4ebe7e2be602256412ed41ed96f&partnerid=0
R3 - URLSearchHook: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Programme\SiteAdvisor\6172\SiteAdv.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Programme\Save Flash\SaveFlash.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Programme\SiteAdvisor\6172\SiteAdv.dll
O3 - Toolbar: Coolstreaming_Tool-Bar_v1.0 toolbar - {bd0e4d83-654e-4213-965b-fcbe887061f4} - C:\Programme\Coolstreaming_Tool-Bar_v1.0\tbCoo1.dll
O4 - HKLM\..\Run: [SoundMax] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: T-Online DSL-Manager.lnk = C:\Programme\T-Online\DSL-Manager\TODslMgr.exe (User 'Default user')
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\scieplugin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178994744609
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B0DAB518-8924-416E-B478-DAF5C7037B0A} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: AusLogics Windows Themes Helper (ALThemeHelper) - Unknown owner - C:\Programme\AusLogics Visual Styler\themehelpersvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Personal Security Suite V (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Security Suite V\avp.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - Unknown owner - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDSched.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programme\Sandboxie\SbieSvc.exe
O23 - Service: SiteAdvisor-Dienst (SiteAdvisor Service) - Unknown owner - C:\Programme\SiteAdvisor\6172\SAService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WDPOperations - Unknown owner - C:\Programme\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE

--
End of file - 19811 bytes

POV 03.10.2007 10:54
Bitte kein Doppelposting!

Im Bios kann man nur schlecht fremden Quellcode ausführen!
Nichts wird entgültig gespeichert, um alle Bioseinstellungen zurück zu setzen musst du lediglich deinen PC aufschrauben, und die Biosbatterie ausbauen, und dann wieder einbauen.

Danach ist das Bios selber mit absoluter Sicherheit wie bei der Auslieferung!

Dein Problem hat aber eher nichts mit dem Bios zu tun!
Überprüfe mal die boot.ini. Dort dürfet vielleicht eine Änderung zu sehen sein.

Meine sieht so aus (hab aber schon ein bisschen darann rumgespielt):
Code:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /bootlogo /NOGUIBOOT /NoExecute=OptOut
Vielleicht findest du hier irgendetws, was beim Systemstart ausgeführt wird.
Auch anschauen könntest du dir die Autoexec.bat. Das was darin steht wird aber eigendlich erst später ausgeführt.

Ach ja, wenn es mit dem Bios zusammen hängen würde, würde dir deine Boot-CD auch nichts bringen!!!

Eric07 03.10.2007 12:33
Hab den Doppler gemacht, weil der zweite Post nicht in der ersten mehr gepasst hat.
Meine Boot.ini
Code:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
In der anderen ist bei mir nichts drin, die ein komplett leer.

Eric07 03.10.2007 18:45
Keiner ne Idee oder Hilfe ?

KarlKarl 03.10.2007 23:25
Hi,

wozu?
Zitat:
Zitat von Eric07
Also :
ES IST WEG.
boot.ini it ok, autoexec.bat leer ebenfalls.

Die Umschaltung zwischen klassischer Ansicht (das meinst Du ja wohl mit Windows 98) und dem Bonbon-Look von Windows XP erfolgt in den Eigenschaften der Anzeige im Register Design. Voraussetzung ist, dass der Service "Designs" läuft.

Wenn Du schon schreibst, dass Du mit "ThemXPdings" rumspielst, vermute ich erstmal, dass dort die Schuld zu suchen ist. Also erstmal sicherstellen, dass alle solchen Tools vollständig vom System verschwinden.

Gruß, Karl

Eric07 04.10.2007 14:51
Ich hatte es vorher aber schonmal (das komische Dings da) ohne Visual XP oder der gleichen.Habe zwischendrin aber mindestens schon 3 mal formatiert und dann wieder eine lange Zeit keine Problemme.

POV 04.10.2007 17:45
Die boot.ini ist OK! Das kann ich nur bestätigen.:daumenhoc

Hast du alles formatiert, oder nur die Systempatition?
Vieleicht ist es ein Virus, der auf einer anderen Partition liegt, und immerwieder das System verändert!?

Oder es ist irgendetwas, das schon beim Hersteller des Bios mit drauf gekommen ist. Dann würde aber nur ein neues Matherboard helfen.:confused:

Eric07 04.10.2007 20:20
Kauf mir bald nen neuen, am nächsten Sonntag ^^.
Also ich habe nur die System Partition formatiert und mehr nicht.
Hatte den glaubich schon drei mal, aber bis man den wiederbekommt vergeht fast schon wieder 1- 1/2 Jahr. Hatte aber auch schon irgendwie eine schlimmere Variante, als ich da in Windows war, was alles sau lahm. Xp in dem grau Design und Systemsteuerung deaktiviert, ohne Anschaltmöglichkeit. Tastmanager war auch weg, das eine was noch ging war die Registry, aber mit der könnte ich nichts anfangen. Aber das es so ungregelmäßig/regelmäßig passiert finde ich doch schon sehr komisch, vllt liegt es ja wirklich am MB.
Aber wie macht man sowas, es kommt ja direkt nach dem booten und vor Windows.
Heißt es nicht Motherboard, mit Hardware kenn ich mich nämlich aus :P ^^.

Eric07 05.10.2007 18:29
Keiner mehr ne Idee ?


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131