
Matthias

Super Moderator

Date of registration: Oct 20th 2001

Posts: 12,991

Bike: got a bicycle and a monthly rail pass...

Location: Fürth - BAY/Dortmund - NRW

1

Wednesday, November 14th 2007, 10:29am

Virus problem

Hello,

I caught something here yesterday; the current version of AntiVir was running but couldn't prevent it. In any case, this whole shit is bringing everything here to a standstill, the processor (which isn't the cause!) is at 60% load, etc....

Now these pseudo "alerts" keep popping up at the bottom, trying to tell me all sorts of tall tales (see attachment)...

I made a HijackThis logfile....what can be removed from it?

Logfile of HijackThis v1.99.1
Scan saved at 10:23:39, on 14.11.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Programme\FRITZ!DSL\IGDCTRL.EXE
I:\Programme\Bonjour\mDNSResponder.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
I:\WINDOWS\system32\svchost.exe
I:\Programme\WZCBDL Service\WZCBDLS.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\system32\ctfmon.exe
I:\Programme\D-Link\Air Utility\AirCFG.exe
I:\Programme\QuickTime\qttask.exe
I:\WINDOWS\RTHDCPL.EXE
I:\WINDOWS\SkyTel.EXE
I:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
I:\Programme\Java\jre1.5.0_06\bin\jusched.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe
I:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
I:\Programme\Adobe\Adobe Photoshop Lightroom\apdproxy.exe
I:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
I:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
I:\Programme\iriver\iriver plus 2\iAgent2.exe
I:\Programme\FRITZ!DSL\StCenter.exe
I:\Programme\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
I:\Programme\Logitech\SetPoint\SetPoint.exe
I:\Programme\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
I:\Programme\Yahoo!\Widgets\YahooWidgetEngine.exe
I:\Programme\Yahoo!\Widgets\YahooWidgetEngine.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Programme\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
I:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
I:\WINDOWS\system32\HPZipm12.exe
I:\Programme\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
I:\WINDOWS\system32\rundll32.exe
I:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Microsoft AntiSpyware\gcasServ.exe
I:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
I:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
I:\Programme\Avira\AntiVir PersonalEdition Classic\avcenter.exe
I:\Programme\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Adaware Programme\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - I:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\programme\google\googletoolbar3.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - I:\WINDOWS\system32\xoklkyuc.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [D-Link Air Utility] I:\Programme\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [QuickTime Task] "I:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] I:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] I:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] I:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MMTray] "I:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "I:\Programme\Adobe\Adobe Photoshop Lightroom\apdproxy.exe"
O4 - HKLM\..\Run: [bgsmsnd.exe] I:\WINDOWS\System32\spool\DRIVERS\W32X86\2\bgsmsnd.exe
O4 - HKLM\..\Run: [avgnt] "I:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "I:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [787ca54e] rundll32.exe "I:\WINDOWS\system32\srgdnpyl.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "I:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [iPlusAgent2] "I:\Programme\iriver\iriver plus 2\iAgent2.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [AnyDVD] I:\Programme\SlySoft\AnyDVD\AnyDVD.exe
O4 - Startup: Adobe Gamma.lnk = I:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Yahoo! Widget Engine.lnk = I:\Programme\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: FRITZ!DSL Startcenter.lnk = I:\Programme\FRITZ!DSL\StCenter.exe
O4 - Global Startup: hp psc 2000 Series.lnk = I:\Programme\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = I:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = I:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://I:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://I:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - I:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: i:\programme\bonjour\mdnsnsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - I:\Programme\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat…b?1167737908062
O18 - Protocol: bw+0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - I:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - I:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: offline-8876480 - {82BFEE62-AA01-412C-AAF3-529CD9ADEB8D} - I:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - I:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: I:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - I:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - I:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - I:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - I:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - I:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - I:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - I:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: WZCBDL Service (WZCBDLService) - D-Link - I:\Programme\WZCBDL Service\WZCBDLS.exe
Matthias has attached the following images:
  • vir1.jpg
  • vir2.jpg
SpVgg Fürth

Falk

Administrator

Date of registration: Oct 30th 2007

Posts: 4,086

Location: Leutenbach

2

Wednesday, November 14th 2007, 10:48am

At first glance I don't see a virus among the processes; just a lot of unnecessary background tasks that serve no purpose. However, I recall that the current Alcohol 120 with StarWind ships with spyware out of the box. If I were you, I'd run a full virus scan and let Spybot run over it. Spybot is actually quite reliable and finds a lot of problem cases.

DaBomb

Administrator

Date of registration: Sep 2nd 2001

Posts: 3,265

Bike: KTM 690 SMCR

Location: Saarland

3

Wednesday, November 14th 2007, 11:24am

Clearly spyware/adware that you've caught there.

Try either Windows Defender or other common detection programs...
:)11..:MotoXworld.de:.. Enduro, Supermoto & MotoCross :)11

Matthias

Super Moderator

Date of registration: Oct 20th 2001

Posts: 12,991

Bike: got a bicycle and a monthly rail pass...

Location: Fürth - BAY/Dortmund - NRW

4

Wednesday, November 14th 2007, 12:33pm

Spybot did find 2-3 things, but unfortunately not what I've got on here :(

I can't install Windows Defender :rolleyes:

I'll now just run a complete system check with AntiVir over it again as well...
SpVgg Fürth

Matthias

Super Moderator

Date of registration: Oct 20th 2001

Posts: 12,991

Bike: got a bicycle and a monthly rail pass...

Location: Fürth - BAY/Dortmund - NRW

5

Wednesday, November 14th 2007, 1:44pm

SmitFraudFix, Ewido, Avenger etc., none of it has helped so far.
SpVgg Fürth

Date of registration: May 23rd 2007

Posts: 523

Location: Bei München

6

Wednesday, November 14th 2007, 1:46pm

I've got this Spyware Doctor and it works pretty well. I think I once had the same one as you and had to reinstall XP ;)
- 896mb XFX GeForce GTX 260 666M Black Edition

- P45 MSI P45 Neo2-FR

- GDDR3G.Skill DIMM Kit 4GB

- PC2-8000UIntel Core 2 Duo E8400 overclocked to 3.8 GHz

Date of registration: Dec 3rd 2001

Posts: 4,380

Location: Berlin

7

Wednesday, November 14th 2007, 2:17pm

Installed a video codec recently?


But really, clean up your autostart! It's horribly full of all sorts of nonsense. :-)
...and now we start with these nice little clouds.

DerHetzer

* Fahrschlampe *

Date of registration: Aug 15th 2003

Posts: 1,987

Location: Delirium

8

Wednesday, November 14th 2007, 2:43pm

currently have a shitty hijacker myself:
regardless of whether the browser is already open or not, a popup opens with an OK/Cancel prompt.
when closing the popup, another OK/Cancel comes up, then the browser hangs for 10-20 seconds.
The popup is always "Festplattenreiniger" or "SecurePCCleaner" and appears at irregular intervals
Spybot, Ad-Aware, AntiVir, manual deletion didn't help... will probably have to reinstall this one too

only the software SpyHunter 2.9 finds it, but to remove it I'd have to buy the license, because I can't find the serial. I'd rather reinstall

or can anyone say something about this off the cuff?
Corehard? COFFEECORE!!!
________________________________________________
"Save, learn, achieve something, then you'll have something, be able to do something, be somebody!"

Matthias

Super Moderator

Date of registration: Oct 20th 2001

Posts: 12,991

Bike: got a bicycle and a monthly rail pass...

Location: Fürth - BAY/Dortmund - NRW

9

Wednesday, November 14th 2007, 5:00pm

So, just ran VundoFix over it; it found a *.dll in the System32 folder but couldn't delete it, so I did it again in Safe Mode and there it apparently deleted the dll...looks pretty good so far.
SpVgg Fürth
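
Added example (not part of any post in this thread): a small Python triage of the startup-related lines of a HijackThis log like the one in the first post, in the spirit of the advice above to clean up the autostart. The sample lines are copied from that log; the three heuristics are assumptions of this example and mark entries for manual review, not as confirmed malware.

```python
import re

# Startup-related lines copied from the HijackThis log in the first post (subset).
SAMPLE_LOG = r"""
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\programme\google\googletoolbar3.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - I:\WINDOWS\system32\xoklkyuc.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "I:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [787ca54e] rundll32.exe "I:\WINDOWS\system32\srgdnpyl.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: officejet 6100.lnk = ?
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.+)$")
RUN_KEY = re.compile(r"^(?P<where>HK\w+\\\.\.\\\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
STARTUP = re.compile(r"^(?P<where>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.*)$")
TOOLBAR = re.compile(r"^Toolbar: (?P<name>.+?) - \{[0-9A-Fa-f-]+\} - (?P<cmd>.*)$")
SYS32_DLL = re.compile(r'\\system32\\([^\\"]+)\.dll', re.IGNORECASE)


def parse(log):
    """Split Run-key, Startup-folder and Toolbar lines into name/command fields."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        for pattern in (RUN_KEY, STARTUP, TOOLBAR):
            fields = pattern.match(m["body"])
            if fields:
                entries.append({"code": m["code"], **fields.groupdict()})
                break
    return entries


def looks_random(stem):
    """Heuristic (assumption): lowercase letters only, 6+ chars, under 30% vowels."""
    if not (stem.isalpha() and stem.islower() and len(stem) >= 6):
        return False
    vowels = sum(ch in "aeiou" for ch in stem)
    return vowels / len(stem) < 0.3


def reasons(entry):
    """Return the review reasons for one parsed entry (empty list = nothing flagged)."""
    found = []
    cmd = entry["cmd"].strip()
    # A Run value whose name is only hex digits was not named by a person.
    if entry["code"] == "O4" and re.fullmatch(r"[0-9a-f]{6,}", entry["name"]):
        found.append("hex-only value name")
    # HijackThis prints "?" or a bare path fragment when a target cannot be resolved.
    if cmd == "?" or not re.search(r"\.\w{2,4}\b", cmd):
        found.append("target missing or unresolved")
    dll = SYS32_DLL.search(cmd)
    if dll and looks_random(dll.group(1)):
        found.append("system32 DLL with random-looking name")
    return found


def triage(log):
    """Map entry name -> reasons, for entries that matched at least one heuristic."""
    flagged = {}
    for entry in parse(log):
        why = reasons(entry)
        if why:
            flagged[entry["name"]] = why
    return flagged


if __name__ == "__main__":
    for name, why in triage(SAMPLE_LOG).items():
        print(f"review: {name}: {', '.join(why)}")
```

Entries that are not flagged are not thereby vouched for; the output is only a shortlist for checking the file on disk and its origin.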

Date of registration: Oct 29th 2007

Posts: 666

10

Wednesday, November 14th 2007, 7:07pm

it's a trojan that downloads spyware...at first I thought of "virusprotect", had that on my laptop, very dodgy; going by the messages it would be the same

This post has been edited 1 times, last edit by "Machete" (Nov 14th 2007, 8:20pm)
