Trojaner / Virus ?!
9 Beiträge • Seite 1 von 1
Trojaner / Virus ?!
von ^r0xx am 13.01.2006, 13:24
Hi ,
Hab da ein mega Problem,wenn ich einfach nur mein Rechner anhabe kommen Werbefenster ausm Internet wie zum Beispiel:ebay,autoscout usw.Ich hab jetzt nod 32 durchlaufen lassen (bei einigen Dateien zeigt er an er könne sie nicht löschen) Adwarese hab ich auch durchlaufen auch hier kann er nicht alles löschen...Wie bekomme ich diese Werbung wieder weg ?Hab auch Cookies gelöscht. ?!
Tschau hoffe auf hilfe
Hab da ein mega Problem,wenn ich einfach nur mein Rechner anhabe kommen Werbefenster ausm Internet wie zum Beispiel:ebay,autoscout usw.Ich hab jetzt nod 32 durchlaufen lassen (bei einigen Dateien zeigt er an er könne sie nicht löschen) Adwarese hab ich auch durchlaufen auch hier kann er nicht alles löschen...Wie bekomme ich diese Werbung wieder weg ?Hab auch Cookies gelöscht. ?!
Tschau hoffe auf hilfe
- ^r0xx
- Beiträge: 15
- Registriert: 12.01.2006, 18:13
von ^r0xx am 13.01.2006, 14:06
ich habe gesehn das nikita jemand helfen konnte bei dem das problem mit der werbung auch bestand...daher habe ich auch hijack durchlaufen lassen :
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Eset\nod32krn.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\Programme\Eset\nod32kui.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Gamers.Interactive\Gamers.IRC\mirc.exe
C:\Dokumente und Einstellungen\Hauke´\Desktop\hijackthis\HijackThis.exe
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: e-zshopper 1.200 - {3D782BB3-F2A5-11D3-BF4C-000000000000} - C:\Programme\e-zshopper\BarLcher.dll (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Programme\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [mIRC] C:\Programme\Gamers.Interactive\Gamers.IRC\mirc.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRfox000
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite5\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite5\ICQLite.exe
O9 - Extra button: eZshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O9 - Extra 'Tools' menuitem: e-zshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\iwaksie.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\Object Desktop\WindowBlinds\fastload.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\SGF1a2U\command.exe (file missing)
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Programme\iPod\bin\iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programme\Eset\nod32krn.exe
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
thx im vorraus
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Eset\nod32krn.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\Programme\Eset\nod32kui.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Gamers.Interactive\Gamers.IRC\mirc.exe
C:\Dokumente und Einstellungen\Hauke´\Desktop\hijackthis\HijackThis.exe
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: e-zshopper 1.200 - {3D782BB3-F2A5-11D3-BF4C-000000000000} - C:\Programme\e-zshopper\BarLcher.dll (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Programme\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [mIRC] C:\Programme\Gamers.Interactive\Gamers.IRC\mirc.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRfox000
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite5\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite5\ICQLite.exe
O9 - Extra button: eZshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O9 - Extra 'Tools' menuitem: e-zshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {35E6B8B1-094D-4E15-A424-515E6C31E140} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\iwaksie.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\Object Desktop\WindowBlinds\fastload.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\SGF1a2U\command.exe (file missing)
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Programme\iPod\bin\iPodService.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programme\Eset\nod32krn.exe
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
thx im vorraus
- ^r0xx
- Beiträge: 15
- Registriert: 12.01.2006, 18:13
von Nikita am 13.01.2006, 15:15
stelle den Cleaner genauso ein, wie hier angegeben:
http://virus-protect.net/cleanup.html
http://virus-protect.net/datfindbat.html
kopiere hier die 4 textdateien (3 Monate vom Datum her)
http://virus-protect.net/cleanup.html
http://virus-protect.net/datfindbat.html
kopiere hier die 4 textdateien (3 Monate vom Datum her)
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von ^r0xx am 13.01.2006, 15:36
Verzeichnis von C:\WINDOWS\system32
13.01.2006 14:25 236.974 guard.tmp
13.01.2006 14:24 236.974 muoert2.dll
13.01.2006 14:22 235.067 g6jo0g13e6.dll
13.01.2006 14:13 236.974 kt0ul7d91.dll
13.01.2006 14:07 273 imon1.dat
13.01.2006 12:14 234.272 mCpi32.dll
10.01.2006 14:02 2.206 wpa.dbl
04.01.2006 21:10 442 mapisvc.inf
04.01.2006 21:10 114.688 nms32.dll
04.01.2006 21:10 245.760 imon.dll
02.01.2006 09:03 234.368 FNTCACHE.DAT
10.12.2005 17:13 8.464 sporder.dll
10.12.2005 14:49 3.176 sdbackup.reg
10.12.2005 02:09 2.321.408 TUKernel.exe
27.11.2005 17:57 128.000 Dsslji.dat
27.11.2005 13:17 98.304 CmdLineExt.dll
15.11.2005 16:52 40.972 perfc009.dat
15.11.2005 16:52 320.424 perfh007.dat
15.11.2005 16:52 314.644 perfh009.dat
15.11.2005 16:52 49.372 perfc007.dat
15.11.2005 16:52 732.342 PerfStringBackup.INI
13.11.2005 16:04 8 qwolt.pdg
12.11.2005 17:52 2.272 w95inf16.dll
12.11.2005 17:52 4.608 w95inf32.dll
Verzeichnis von C:\DOKUME~1\HAUKE~1\LOKALE~1\Temp
24.12.2005 19:33 24.613 IadHide5.dll
1 Datei(en) 24.613 Bytes
0 Verzeichnis(se), 3.879.792.640 Bytes frei
Verzeichnis von C:\WINDOWS
13.01.2006 14:23 2.048 bootstat.dat
13.01.2006 14:22 1.934.858 WindowsUpdate.log
13.01.2006 06:20 0 enewsletterpro1.dat
12.01.2006 20:11 199 wb.ini
11.01.2006 14:33 253.952 Setup1.exe
11.01.2006 14:33 74.752 ST6UNST.EXE
11.01.2006 13:19 54.156 QTFont.qfn
10.01.2006 16:51 19.373 DirectX.log
08.01.2006 20:26 227 system.ini
08.01.2006 00:36 215 wiadebug.log
07.01.2006 22:59 50 wiaservc.log
05.01.2006 13:44 624 win.ini
04.01.2006 19:29 1.409 QTFont.for
04.01.2006 18:52 71.789 wmsetup.log
04.01.2006 17:49 0 timessquare1.dat
04.01.2006 14:35 591.539 setupapi.log
02.01.2006 21:24 182.581 setupact.log
01.01.2006 19:10 0 T1_DE_EN.INI
25.12.2005 08:50 0 drsmartloadb1.dat
24.12.2005 19:33 179 LDM.log
24.12.2005 19:33 118.784 bwUnin-7.2.0.137-8876480SL.exe
24.12.2005 19:32 86 KE.log
23.12.2005 13:23 316.640 WMSysPr9.prx
18.12.2005 15:16 38 drsmartload.dat
18.12.2005 15:15 40 teller2.chk
18.12.2005 09:01 262 game.ini
15.12.2005 16:54 740 Thps3.INI
10.12.2005 17:16 182.272 NDNuninstall6_98.exe
10.12.2005 17:13 50.688 NDNuninstall6_38.exe
10.12.2005 16:56 107.132 UninstallFirefox.exe
10.12.2005 16:56 6.689 mozver.dat
10.12.2005 01:22 161 mta.ini
01.12.2005 14:10 2.174 WMEncoder.log
27.11.2005 13:59 919 GTA-SA_Trn_Settings.ini
25.11.2005 18:42 4 data4711.bak
25.11.2005 18:42 4 num41.jbd
25.11.2005 18:42 4 info147.sys
25.11.2005 18:34 20 sms2001.ini
22.11.2005 20:39 121 GEARInstall.log
16.11.2005 14:25 274.432 isysetup.exe
16.11.2005 13:31 32.582 SchedLgU.Txt
16.11.2005 13:10 0 0.log
04.11.2005 18:45 1.141 eReg.dat
04.11.2005 14:47 398.514 iis6.log
04.11.2005 14:47 69.815 ntdtcsetup.log
04.11.2005 14:47 112.063 comsetup.log
04.11.2005 14:47 14.936 tabletoc.log
04.11.2005 14:47 17.641 ocmsn.log
04.11.2005 14:47 154.227 tsoc.log
04.11.2005 14:47 1.917 imsins.log
04.11.2005 14:47 23.369 MedCtrOC.log
04.11.2005 14:47 179.974 ocgen.log
04.11.2005 14:47 55.359 netfxocm.log
04.11.2005 14:47 16.489 msgsocm.log
04.11.2005 14:47 295.417 FaxSetup.log
04.11.2005 14:47 108.656 msmqinst.log
04.11.2005 14:47 1.917 imsins.BAK
Verzeichnis von C:\
13.01.2006 14:33 0 sys.txt
13.01.2006 14:33 8.503 system.txt
13.01.2006 14:33 297 systemtemp.txt
13.01.2006 14:31 96.065 system32.txt
13.01.2006 14:23 536.399.872 hiberfil.sys
13.01.2006 14:22 805.306.368 pagefile.sys
13.01.2006 06:22 225 boot.ini
07.01.2006 19:24 159 IRC.txt
03.08.2004 21:59 251.184 ntldr
03.08.2004 21:38 47.564 NTDETECT.COM
04.07.2004 13:12 0 IO.SYS
04.07.2004 13:12 0 CONFIG.SYS
04.07.2004 13:12 0 MSDOS.SYS
04.07.2004 13:12 0 AUTOEXEC.BAT
18.08.2001 12:00 4.952 bootfont.bin
15 Datei(en) 1.342.115.189 Bytes
0 Verzeichnis(se), 3.879.792.640 Bytes frei
Die werbung kommt noch immer
13.01.2006 14:25 236.974 guard.tmp
13.01.2006 14:24 236.974 muoert2.dll
13.01.2006 14:22 235.067 g6jo0g13e6.dll
13.01.2006 14:13 236.974 kt0ul7d91.dll
13.01.2006 14:07 273 imon1.dat
13.01.2006 12:14 234.272 mCpi32.dll
10.01.2006 14:02 2.206 wpa.dbl
04.01.2006 21:10 442 mapisvc.inf
04.01.2006 21:10 114.688 nms32.dll
04.01.2006 21:10 245.760 imon.dll
02.01.2006 09:03 234.368 FNTCACHE.DAT
10.12.2005 17:13 8.464 sporder.dll
10.12.2005 14:49 3.176 sdbackup.reg
10.12.2005 02:09 2.321.408 TUKernel.exe
27.11.2005 17:57 128.000 Dsslji.dat
27.11.2005 13:17 98.304 CmdLineExt.dll
15.11.2005 16:52 40.972 perfc009.dat
15.11.2005 16:52 320.424 perfh007.dat
15.11.2005 16:52 314.644 perfh009.dat
15.11.2005 16:52 49.372 perfc007.dat
15.11.2005 16:52 732.342 PerfStringBackup.INI
13.11.2005 16:04 8 qwolt.pdg
12.11.2005 17:52 2.272 w95inf16.dll
12.11.2005 17:52 4.608 w95inf32.dll
Verzeichnis von C:\DOKUME~1\HAUKE~1\LOKALE~1\Temp
24.12.2005 19:33 24.613 IadHide5.dll
1 Datei(en) 24.613 Bytes
0 Verzeichnis(se), 3.879.792.640 Bytes frei
Verzeichnis von C:\WINDOWS
13.01.2006 14:23 2.048 bootstat.dat
13.01.2006 14:22 1.934.858 WindowsUpdate.log
13.01.2006 06:20 0 enewsletterpro1.dat
12.01.2006 20:11 199 wb.ini
11.01.2006 14:33 253.952 Setup1.exe
11.01.2006 14:33 74.752 ST6UNST.EXE
11.01.2006 13:19 54.156 QTFont.qfn
10.01.2006 16:51 19.373 DirectX.log
08.01.2006 20:26 227 system.ini
08.01.2006 00:36 215 wiadebug.log
07.01.2006 22:59 50 wiaservc.log
05.01.2006 13:44 624 win.ini
04.01.2006 19:29 1.409 QTFont.for
04.01.2006 18:52 71.789 wmsetup.log
04.01.2006 17:49 0 timessquare1.dat
04.01.2006 14:35 591.539 setupapi.log
02.01.2006 21:24 182.581 setupact.log
01.01.2006 19:10 0 T1_DE_EN.INI
25.12.2005 08:50 0 drsmartloadb1.dat
24.12.2005 19:33 179 LDM.log
24.12.2005 19:33 118.784 bwUnin-7.2.0.137-8876480SL.exe
24.12.2005 19:32 86 KE.log
23.12.2005 13:23 316.640 WMSysPr9.prx
18.12.2005 15:16 38 drsmartload.dat
18.12.2005 15:15 40 teller2.chk
18.12.2005 09:01 262 game.ini
15.12.2005 16:54 740 Thps3.INI
10.12.2005 17:16 182.272 NDNuninstall6_98.exe
10.12.2005 17:13 50.688 NDNuninstall6_38.exe
10.12.2005 16:56 107.132 UninstallFirefox.exe
10.12.2005 16:56 6.689 mozver.dat
10.12.2005 01:22 161 mta.ini
01.12.2005 14:10 2.174 WMEncoder.log
27.11.2005 13:59 919 GTA-SA_Trn_Settings.ini
25.11.2005 18:42 4 data4711.bak
25.11.2005 18:42 4 num41.jbd
25.11.2005 18:42 4 info147.sys
25.11.2005 18:34 20 sms2001.ini
22.11.2005 20:39 121 GEARInstall.log
16.11.2005 14:25 274.432 isysetup.exe
16.11.2005 13:31 32.582 SchedLgU.Txt
16.11.2005 13:10 0 0.log
04.11.2005 18:45 1.141 eReg.dat
04.11.2005 14:47 398.514 iis6.log
04.11.2005 14:47 69.815 ntdtcsetup.log
04.11.2005 14:47 112.063 comsetup.log
04.11.2005 14:47 14.936 tabletoc.log
04.11.2005 14:47 17.641 ocmsn.log
04.11.2005 14:47 154.227 tsoc.log
04.11.2005 14:47 1.917 imsins.log
04.11.2005 14:47 23.369 MedCtrOC.log
04.11.2005 14:47 179.974 ocgen.log
04.11.2005 14:47 55.359 netfxocm.log
04.11.2005 14:47 16.489 msgsocm.log
04.11.2005 14:47 295.417 FaxSetup.log
04.11.2005 14:47 108.656 msmqinst.log
04.11.2005 14:47 1.917 imsins.BAK
Verzeichnis von C:\
13.01.2006 14:33 0 sys.txt
13.01.2006 14:33 8.503 system.txt
13.01.2006 14:33 297 systemtemp.txt
13.01.2006 14:31 96.065 system32.txt
13.01.2006 14:23 536.399.872 hiberfil.sys
13.01.2006 14:22 805.306.368 pagefile.sys
13.01.2006 06:22 225 boot.ini
07.01.2006 19:24 159 IRC.txt
03.08.2004 21:59 251.184 ntldr
03.08.2004 21:38 47.564 NTDETECT.COM
04.07.2004 13:12 0 IO.SYS
04.07.2004 13:12 0 CONFIG.SYS
04.07.2004 13:12 0 MSDOS.SYS
04.07.2004 13:12 0 AUTOEXEC.BAT
18.08.2001 12:00 4.952 bootfont.bin
15 Datei(en) 1.342.115.189 Bytes
0 Verzeichnis(se), 3.879.792.640 Bytes frei
Die werbung kommt noch immer
- ^r0xx
- Beiträge: 15
- Registriert: 12.01.2006, 18:13
von ^r0xx am 13.01.2006, 20:25
Die Werbung ist leider immer noch da und nach dem Hochfahren kommt die Meldung das : "Beim Ausführen von ""C:\\Windows\system32\mirmsg.dll"",DllGetVersion"ist eine Ausnahme aufgetreten.
Wie bekomme ich das jetzt alles weg ?!
Thx im vorraus
Wie bekomme ich das jetzt alles weg ?!
Thx im vorraus
- ^r0xx
- Beiträge: 15
- Registriert: 12.01.2006, 18:13
von Nikita am 14.01.2006, 16:35
öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked"
O3 - Toolbar: e-zshopper 1.200 - {3D782BB3-F2A5-11D3-BF4C-000000000000} - C:\Programme\e-zshopper\BarLcher.dll (file missing)
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRfox000
O9 - Extra button: eZshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O9 - Extra 'Tools' menuitem: e-zshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\iwaksie.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\SGF1a2U\command.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
--------------------------------------------------------------------------
KILLBOX - Pocket KillBox
http://virus-protect.net/killbox.html
Options: Delete on Reboot --> anhaken
reinkopieren:
...
und klicke auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "---- klicke auf "no",und kopiere das nächste rein, erst beim letzten auf "yes"
C:\WINDOWS\system32\guard.tmp
c:\windows\system32\dllcache\win32\winlogon.exe
C:\\Windows\system32\mirmsg.dll
C:\WINDOWS\system32\muoert2.dll
C:\WINDOWS\system32\iwaksie.dll
C:\WINDOWS\system32\g6jo0g13e6.dll
C:\WINDOWS\system32\kt0ul7d91.dll
C:\WINDOWS\system32\imon1.dat
C:\WINDOWS\system32\mCpi32.dll
C:\WINDOWS\system32\nms32.dll
C:\WINDOWS\system32\imon.dll
C:\WINDOWS\system32\sporder.dll
C:\WINDOWS\system32\Dsslji.dat
C:\WINDOWS\isysetup.exe
C:\WINDOWS\enewsletterpro1.dat
C:\WINDOWS\drsmartloadb1.dat
C:\WINDOWS\drsmartload.dat
C:\WINDOWS\timessquare1.dat
C:\WINDOWS\teller2.chk
C:\WINDOWS\NDNuninstall6_98.exe
C:\WINDOWS\NDNuninstall6_38.exe
PC neustarten
loeschen, falls es noch vorhanden ist:
C:\WINDOWS\SGF1a2U
anwenden
http://virus-protect.net/cleanup.html
1. - L2MRemover.zip - Look2Me Remover anwenden
2. - Option 2 von L2mfix anwenden und den scanreport hier posten
http://virus-protect.net/l2mfix.html
-----------------
dann gibt es noch mehr zu tun.
deshalb berichte, wenn du fertig bist.
O3 - Toolbar: e-zshopper 1.200 - {3D782BB3-F2A5-11D3-BF4C-000000000000} - C:\Programme\e-zshopper\BarLcher.dll (file missing)
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRfox000
O9 - Extra button: eZshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O9 - Extra 'Tools' menuitem: e-zshopper - {BFA03761-5565-41b3-93D9-82B354C0A8EC} - SHDOCVW.DLL (file missing)
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\iwaksie.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\SGF1a2U\command.exe (file missing)
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
--------------------------------------------------------------------------
KILLBOX - Pocket KillBox
http://virus-protect.net/killbox.html
Options: Delete on Reboot --> anhaken
reinkopieren:
...
und klicke auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "---- klicke auf "no",und kopiere das nächste rein, erst beim letzten auf "yes"
C:\WINDOWS\system32\guard.tmp
c:\windows\system32\dllcache\win32\winlogon.exe
C:\\Windows\system32\mirmsg.dll
C:\WINDOWS\system32\muoert2.dll
C:\WINDOWS\system32\iwaksie.dll
C:\WINDOWS\system32\g6jo0g13e6.dll
C:\WINDOWS\system32\kt0ul7d91.dll
C:\WINDOWS\system32\imon1.dat
C:\WINDOWS\system32\mCpi32.dll
C:\WINDOWS\system32\nms32.dll
C:\WINDOWS\system32\imon.dll
C:\WINDOWS\system32\sporder.dll
C:\WINDOWS\system32\Dsslji.dat
C:\WINDOWS\isysetup.exe
C:\WINDOWS\enewsletterpro1.dat
C:\WINDOWS\drsmartloadb1.dat
C:\WINDOWS\drsmartload.dat
C:\WINDOWS\timessquare1.dat
C:\WINDOWS\teller2.chk
C:\WINDOWS\NDNuninstall6_98.exe
C:\WINDOWS\NDNuninstall6_38.exe
PC neustarten
loeschen, falls es noch vorhanden ist:
C:\WINDOWS\SGF1a2U
anwenden
http://virus-protect.net/cleanup.html
1. - L2MRemover.zip - Look2Me Remover anwenden
2. - Option 2 von L2mfix anwenden und den scanreport hier posten
http://virus-protect.net/l2mfix.html
-----------------
dann gibt es noch mehr zu tun.
deshalb berichte, wenn du fertig bist.
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von ^r0xx am 14.01.2006, 22:58
als ich alles bis "Pc neustarten" gemacht hab und ihn wieder hochgefahren hab konnte er keine Internet Verbindung herstellen ! An meinem Router kann es nicht liegen da ich Verbindung laut dem Router haben beide PC internet allerdings hat nur einer internet.Auf dem wo ich die daten wie beschrieben gelöscht habe finde ich keine Verbindung...
wie bekomme ich diese wieder ?
wie bekomme ich diese wieder ?
- ^r0xx
- Beiträge: 15
- Registriert: 12.01.2006, 18:13
von ^r0xx am 15.01.2006, 12:28
ja ok ich werde den ersten Vorschalg wählen 
hatte schon seit längerem daran gedacht und auch an Linux aber da Linux ja nicht sehr änfängerfreundlich ist werde ich auch das lassen...
also wieder Windows
Tschau
Thx für die hilfe
mfg ^r0xx
hatte schon seit längerem daran gedacht und auch an Linux aber da Linux ja nicht sehr änfängerfreundlich ist werde ich auch das lassen...
also wieder Windows
Tschau
Thx für die hilfe
mfg ^r0xx
- ^r0xx
- Beiträge: 15
- Registriert: 12.01.2006, 18:13
9 Beiträge • Seite 1 von 1
Ähnliche Themen
| Trojaner virus???? Forum: Software-Hilfe Autor: shao Antworten: 6 |
Virus + Trojaner :( Forum: Online- und PC-Sicherheit Autor: len0rd Antworten: 8 |
Virus und Trojaner?? Forum: Online- und PC-Sicherheit Autor: Malleking Antworten: 13 |
Virus? Trojaner`? Forum: Online- und PC-Sicherheit Autor: tompa Antworten: 5 |
virus/trojaner ? :( Forum: Online- und PC-Sicherheit Autor: zillmatt Antworten: 7 |
Zurück zu Online- und PC-Sicherheit
Wer ist online?
Mitglieder in diesem Forum: 0 Mitglieder und 0 Gäste