HijackThis dringende hilfe benötigt!!!

  • geschlossen
  • Problem

  • tommyboy
  • 1227 Aufrufe 4 Antworten

Diese Seite verwendet Cookies. Durch die Nutzung unserer Seite erklären Sie sich damit einverstanden, dass wir Cookies setzen. Weitere Informationen

  • HijackThis dringende hilfe benötigt!!!

    Hallo zusammen,

    ich werde noch verrückt. Habe seit zwei Tagen riesige Probleme mit meinem PC. Geschindigkeit gleich null. Habe XP Prof. und Bitdefender. Bitdefender findet nach jedem Neustart wieder Trojaner und Viren. Sieht so aus als würden diese sich ständig wieder selbst verstellen. Wer kann schnell unten genannte Logdatei durchsehen und mir sagen was weg muß.

    Danke und Gruß

    Tommyboy

    Logfile of HijackThis v1.99.1
    Scan saved at 20:09:39, on 11.08.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Thomson SpeedTouch\ST330\service\st330service.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\SCardSvr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\softwin\BITDEF~2\bdswitch.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\nMtsk.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
    C:\PROGRA~1\softwin\BITDEF~2\bdnagent.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\WINDOWS\system32\kernels8.exe
    C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe
    C:\WINDOWS\system32\rpcc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Duden\Duden Korrektor\dk3tray.exe
    C:\Program Files\GMX\GMX SMS-Manager\SMSMngr.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\Office-Bibliothek\officebib.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\msrdusrc.exe
    C:\Program Files\WinTV\WinTV2K.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
    C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
    c:\progra~1\softwin\bitdef~2\bdmcon.exe
    C:\Program Files\Softwin\BitDefender9\vsserv.exe
    c:\progra~1\softwin\bitdef~2\bdlite.exe
    D:\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.icq.com/search/search_frame.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ICQ.com Search Results
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
    O3 - Toolbar: T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - C:\PROGRA~1\LANGEN~1.0\Engine\mte\StdAlone\T1IE.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~2\bdswitch.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nMTaskBarService] nMtsk.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [BDMCon] c:\PROGRA~1\softwin\BITDEF~2\bdmcon.exe
    O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~2\bdnagent.exe"
    O4 - HKLM\..\Run: [CallControl 4.5] C:\Program Files\FaxTalk Communicator\FTCtrl32.exe /autoload
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [System] C:\WINDOWS\system32\kernels8.exe
    O4 - HKLM\..\Run: [diagnostics] "C:\Program Files/Thomson SpeedTouch/ST330/diagnostics/diagnostics.exe" /icon -l:de
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Duden Korrektor 3.0] C:\Program Files\Duden\Duden Korrektor\dk3tray.exe
    O4 - HKCU\..\Run: [GMX SMS-Manager] C:\Program Files\GMX\GMX SMS-Manager\SMSMngr.exe
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [AtomSync] "C:\Program Files\AtomSync\atomsync.exe"
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_7
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
    O4 - HKCU\..\Run: [1f392117.exe] C:\Documents and Settings\Thomas\Local Settings\Application Data\1f392117.exe
    O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ?
    O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Office-Bibliothek-Direktsuche.lnk = C:\Program Files\Office-Bibliothek\PCLib.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Drucken - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Schnelldruck - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Vorschau - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Zu Druckliste hinzufügen - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesde.dll
    O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Program Files\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
    O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0e921e80-267a-42aa-aee4-60b9a1222a44} - C:\Program Files\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
    O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {94D2A75C-43C4-423B-8ED5-499D4E6F2CB6} - C:\Program Files\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
    O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {94D2A75C-43C4-423B-8ED5-499D4E6F2CB6} - C:\Program Files\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
    O15 - Trusted Zone: *.sxload.com
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - mk:@MSITStore:C:\WINDOWS\lca.chm::/bridge-c18.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - mk:@MSITStore:C:\WINDOWS\ysa.chm::/ysb_regular.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{24F5AEDE-4D35-4AAE-A444-9AAD8E049FB0}: NameServer = 80.97.194.3 80.97.194.4
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F394604A-B947-4274-900E-B249859857F8}: NameServer = 193.231.233.1,193.231.233.8
    O18 - Protocol: bw+0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: sockspy.dll wmspfsus.dll lprhwmpl.dll
    O20 - Winlogon Notify: msrdusrc - C:\WINDOWS\system32\msrdusrc.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Microsoft ASPI Manager (aspi113210) - Unknown owner - C:\WINDOWS\system32\aspi72298.exe (file missing)
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson SpeedTouch/ST330/service/st330service.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
    O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

  • Kopier deinen Logfile und geh auf hijackthis.de , unten fügst du ihn dann in das textfeld ein. Die Auswertung zeigt dir dann welche Einträge du fixen musst.

    gruß
    symbi0se
    [SIZE=1][FONT="Courier New"]$posts++;[/FONT]
    [COLOR="black"]"Ich bin eine Mischung aus jung und erfahren, so etwas findet man sonst ja nur auf dem Straßenstrich." [/color]
    [LEFT] /!\ Nützliches: Meine Uploads [Info] Werbefrei mit Adblock [Tutorial] + Kostenlose SMS [Liste] + IPV vereinfachen [Info][/LEFT]
    [/SIZE]

  • ich hab dir diese wahnsinnig lange liste :eek: mal online reingesetzt und auswerten lassen - folgendes kam dabei raus:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ICQ.com Search Results
    Böse Dieser Eintrag sollte unbedingt mit HijackThis gefixt werden!
    Dieser Eintrag sollte unbedingt mit HijackThis gefixt werden!

    O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
    Böse Added by the W32/RBOT-QE WORM!
    Trefferquote: 74,32 % (Resultate)
    Unbedingt fixen!

    O4 - HKCU\..\Run: [1f392117.exe] C:\Documents and Settings\Thomas\Local Settings\Application Data\1f392117.exe
    Eventuell Böse
    Trefferquote: 0,00 % (Resultate)
    Der Programmname scheint der gleiche zu sein, wie der Dateiname. Oft wird das von Trojanern herbeigeführt. Um ganz sicher zu sein, sollten Sie diese Datei hier überprüfen.

    O15 - Trusted Zone: *.sxload.com
    Eventuell Böse Wenn hier aufgeführte Internet-Seiten nicht wissentlich unter 'Vertrauenswürdige Seiten' hinzugefügt wurden, sollten diese mit HijackThis gefixt werden.
    Wenn '*.sxload.com' nicht wissentlich zu Ihren 'Vertrauenswürdigen Seiten' gehört, bitte fixen.
    O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - mk:@MSITStore:C:\WINDOWS\lca.chm::/bridge-c18.cab
    Böse Dieser Eintrag ist vermutlich Böse.
    Sollte gefixt werden!

    O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - mk:@MSITStore:C:\WINDOWS\ysa.chm::/ysb_regular.cab
    Böse Dieser Eintrag ist vermutlich Böse.
    Sollte gefixt werden!

    O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
    Böse Dieser Eintrag wurde von unseren Besuchern als böse eingestuft.
    Klicken Sie auf die Sterne und schauen Sie sich die Kommentare der Besucher an, um zu sehen, warum der Eintrag so eingestuft wurde.


    und folgenden eintrag hast du so an die 100 mal da drin - da kann ja auch was nicht mit stimmen?!?
    O18 - Protocol: bww0s - {17993C72-A100-4989-800E-C7EEB2D10E9D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    Eventuell Böse Nur wenige Hijacker werden hier angezeigt. Die bekannten sind 'cn' (CommonName) , 'ayb' (Lop.com) und 'relatedlinks' (Huntbar) . Diese sollten mit HijackThis gefixt werden.


    es sind noch ein paar unbekannte prozesse drin - aber da kannste ja dann evtl nochmal selbst nachsehen?!?

    good luck

    greetz

    janus
    --=== wanna receive a smile? - give a smile! ===--
    oooo
    wanna see my BL?

  • O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe ist ein Virus der beim jedem Systemstart geladen wird. Er steht in der Registry in dem RUN-Zweig.
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page sagt einfach das bei dir ICQ.com als Suchmaschine eingestellt ist.

    Hinter C:\WINDOWS\system32\nvsvcd.exe ist oft ein Trojaner.