|
Log-Analyse und Auswertung: Unbekanntes VerhaltenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
29.04.2005, 07:53 | #1 |
| Unbekanntes Verhalten Hallo, mein Rechner weißt in allen nicht wiederholbaren Lagen auf Probleme hin und will diese an MS senden. Ich weiß nicht was es ist. Ich tippe mal auf Speicher oder aber Hijacker. Durch HijackThis wird immer Logitech als schlecht oder evtl. böse markiert. Kann mir da jemand helfen? Gembird ist ein Programm für eine programmierbare Steckerleiste (abschalten der Geräte) Danke Hier ist mein Log: Logfile of HijackThis v1.99.1 Scan saved at 08:31:14, on 29.04.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Ahead\InCD\InCDsrv.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Programme\Gembird\Power Manager\pm2.exe C:\PROGRA~1\TRAFFI~1\TRAFFICMONITOR.EXE C:\Programme\Java\jre1.5.0_02\bin\jusched.exe C:\Programme\Ahead\InCD\InCD.exe C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\cfos\cFosSpeed.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\Programme\Skype\Phone\Skype.exe C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwguard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Programme\cfos\spd.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Programme\Logitech\SetPoint\KEM.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Programme\WinZip\WZQKPICK.EXE C:\PROGRAMME\LOGITECH\SETPOINT\KHALMNPR.EXE C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\GEMEIN~1\Nokia\Services\SERVIC~1.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Programme\Raxco\PerfectDisk\PDSched.exe C:\Programme\Logitech\SetPoint\MediaPlayerMgr.exe C:\WINDOWS\system32\mshearts.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgwb.dat c:\programme\internet explorer\iexplore.exe C:\PROGRA~1\WINZIP\winzip32.exe e:\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {EA2F9B93-1CB9-4AD3-8FCF-5879F2049A2B} - C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwgieac.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTDVDDET] C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [SBDrvDet] C:\Programme\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Power Manager] "C:\Programme\Gembird\Power Manager\pm2.exe" -winstartup O4 - HKLM\..\Run: [TrafficMonitor] C:\PROGRA~1\TRAFFI~1\TRAFFICMONITOR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Nokia Tray Application] C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [cFosSpeed] C:\Programme\cfos\cFosSpeed.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [Password Guard] C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwguard.exe /STARTUP O4 - Startup: Quicken 2005 Zahlungserinnerung.lnk = C:\Programme\Lexware\Quicken2005\billmind.exe O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Preispiraten 2.1.3 - {86DE8B3B-1EB7-4386-84BD-EBE94348A913} - C:\Programme\Preispiraten\Preispiraten2\preispiraten2ie.exe O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O15 - Trusted Zone: www.computerwoche.de O15 - Trusted Zone: www.microsoft.de O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...58/mcfscan.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O18 - Protocol: bw+0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\lexware\Haufe\HaufeReader\HRInstmon.dll O18 - Protocol: offline-8876480 - {B75F9C84-3237-43D2-9975-6FD6093BB51C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: LBTServ - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\lbtserv.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Programme\cfos\spd.exe" -service (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDSched.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe |
29.04.2005, 08:10 | #2 |
| Unbekanntes Verhalten hi, bitte diese dateien hier bei Jotti oder Virustotal überprüfen lassen, ergebnis hier posten.
__________________C:\Programme\Gembird\Power Manager\pm2.exe C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwguard.exe C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwgieac.dll C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\lbtserv.dll
__________________ |
29.04.2005, 10:18 | #3 |
| Unbekanntes Verhalten Hallo,
__________________vielen Dank für die schnelle Antwort. Hier sind die Ergebnisse: Results of a file scan This is a report processed by VirusTotal on 04/29/2005 at 09:35:55 (CET) after scanning the file "pwguard.exe" file. Antivirus Version Udate Result AntiVir 6.30.0.7 04.28.2005 no virus found AVG 718 04.27.2005 no virus found BitDefender 7.0 04.28.2005 no virus found ClamAV devel-20050307 04.28.2005 no virus found DrWeb 4.32b 04.28.2005 no virus found eTrust-Iris 7.1.194.0 04.28.2005 no virus found eTrust-Vet 11.7.0.0 04.29.2005 no virus found Fortinet 2.51 04.28.2005 no virus found F-Prot 3.16b 04.28.2005 no virus found Ikarus 2.32 04.28.2005 no virus found Kaspersky 4.0.2.24 04.29.2005 no virus found McAfee 4479 04.28.2005 no virus found NOD32v2 1.1083 04.29.205 no virus found Norman 5.70.10 04.26.2005 no virus found Panda 8.02.00 04.28.2005 no virus found Sybari 7.5.1314 04.29.2005 no virus found Symantec 8.0 04.28.2005 no virus found VBA32 3.10.3 04.28.2005 no virus found Results of a file scan This is a report processed by VirusTotal on 04/29/2005 at 10:17:45 (CET) after scanning the file "pwgieac.dll" file. Antivirus Version Udate Result AntiVir 6.30.0.7 04.28.2005 no virus found AVG 718 04.27.2005 no virus found BitDefender 7.0 04.28.2005 no virus found ClamAV devel-20050307 04.28.2005 no virus found DrWeb 4.32b 04.28.2005 no virus found eTrust-Iris 7.1.194.0 04.28.2005 no virus found eTrust-Vet 11.7.0.0 04.29.2005 no virus found Fortinet 2.51 04.28.2005 no virus found F-Prot 3.16b 04.28.2005 no virus found Ikarus 2.32 04.28.2005 no virus found Kaspersky 4.0.2.24 04.29.2005 no virus found McAfee 4479 04.28.2005 no virus found NOD32v2 1.1083 04.29.205 no virus found Norman 5.70.10 04.26.2005 no virus found Panda 8.02.00 04.28.2005 no virus found Sybari 7.5.1314 04.29.2005 no virus found Symantec 8.0 04.28.2005 no virus found VBA32 3.10.3 04.28.2005 no virus found Results of a file scan This is a report processed by VirusTotal on 04/29/2005 at 10:19:54 (CET) after scanning the file "LBTServ.dll" file. Antivirus Version Udate Result AntiVir 6.30.0.7 04.28.2005 no virus found AVG 718 04.27.2005 no virus found BitDefender 7.0 04.28.2005 no virus found ClamAV devel-20050307 04.28.2005 no virus found DrWeb 4.32b 04.28.2005 no virus found eTrust-Iris 7.1.194.0 04.28.2005 no virus found eTrust-Vet 11.7.0.0 04.29.2005 no virus found Fortinet 2.51 04.28.2005 no virus found F-Prot 3.16b 04.28.2005 no virus found Ikarus 2.32 04.28.2005 no virus found Kaspersky 4.0.2.24 04.29.2005 no virus found McAfee 4479 04.28.2005 no virus found NOD32v2 1.1083 04.29.205 no virus found Norman 5.70.10 04.26.2005 no virus found Panda 8.02.00 04.28.2005 no virus found Sybari 7.5.1314 04.29.2005 no virus found Symantec 8.0 04.28.2005 no virus found VBA32 3.10.3 04.28.2005 no virus found Die pm2.exe ist 7 MB groß. Das dauert ein bißchen länger. Gruß |
29.04.2005, 10:22 | #4 |
| Unbekanntes Verhalten die geht nicht, zumindest hat das früher nicht funktioniert
__________________ lg HijackThis, Security-Tool Geändert von Passat2002 (29.04.2005 um 10:32 Uhr) |
29.04.2005, 10:31 | #5 |
| Unbekanntes Verhalten hi --------------------------------------- bei windows xp und windows me, sollte man zuerst versuchen, mit hilfe der systemwiederherstellung den rechner in einen früheren zustand zu bringen, wähle einen herstellungspunkt, der vor der infektion liegt, system neu starten. sollte das nicht mehr möglich sein -> --------------------------------------- start->systemsteuerung->software->programme ändern oder entfernen-> nachsehen, ob hier ein,oder mehrere programme installiert sind, die nicht absichtlich von dir installiert wurden, deinstallieren -> name der programme hier posten! kann ein programm nicht deinstalliert werden, ein möglicher grund: es ist in verwendung, mit dem taskmanager beenden und dann deinstallieren. --------------------------------------- meist gibt es bei antivirenprogrammen einen infectet oder quarantäne-ordner, diesen bitte leeren. --------------------------------------- start->systemsteuerung->internetoptionen->karteikarte allgemein->cookies und dateien löschen, verlauf leeren und einstellungen nie aktivieren --------------------------------------- explorer starten C:\ markieren, rechte maustaste ->eigenschaften wählen->bereinigen->hier folgendes aktivieren übertragene programmdateien, temporary internet files, offlinewebseiten, papierkorb,temporäre dateien (ordneransicht beachten, und alle temp. ordner suchen, sind noch dateien vorhanden manuell löschen) > geschützte systemdateien ausblenden < deaktivieren und > versteckte ordner und verzeichnisse < aktivieren --------------------------------------- deaktiviere die systemwiederherstellung,wechsle in den abgesicherter modus von winxp und fixe mit HijackThis die nachfolgenden einträge O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe 018 alle logitech O20 - Winlogon Notify: LBTServ - C:\Programme\Gemeinsame Dateien\Logitech\Bluetooth\lbtserv.dll danach im abegsicherten modus zuerst mit deiner antivirensoftware, dann mit adaware und zum schluss mit spybot s&d scannen, bereinigen und fehler beheben lassen, neustart --------------------------------------- regcleaner von chip.de oder zdnet downloaden, unter options, language, select language, deutsch auswählen, dann unter tools, registry säubern, alles durchführen --------------------------------------- nun ein aktuelles logfile und deinen eindruck vom rechner posten
__________________ lg HijackThis, Security-Tool |
29.04.2005, 11:33 | #6 | |
| Unbekanntes Verhalten Nach deinen Ausführungen ist mein Rechner infiziert.? Oder wie kann ich es verstehen? Und was bedeutet: Zitat:
|
29.04.2005, 11:38 | #7 | |
| Unbekanntes Verhalten hi ja, du hast malware auf dem rechner Zitat:
__________________ lg HijackThis, Security-Tool |
29.04.2005, 15:05 | #8 |
| Unbekanntes Verhalten Hier ist das Log nach der, hoffentlich positiven, Reinigung. Logfile of HijackThis v1.99.1 Scan saved at 16:03:04, on 29.04.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Ahead\InCD\InCDsrv.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\Programme\Gembird\Power Manager\pm2.exe C:\PROGRA~1\TRAFFI~1\TRAFFICMONITOR.EXE C:\Programme\Java\jre1.5.0_02\bin\jusched.exe C:\Programme\Ahead\InCD\InCD.exe C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\cfos\cFosSpeed.exe C:\Programme\PestPatrol\PPMemCheck.exe C:\Programme\PestPatrol\CookiePatrol.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Skype\Phone\Skype.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwguard.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Programme\cfos\spd.exe C:\Programme\Logitech\SetPoint\KEM.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Programme\WinZip\WZQKPICK.EXE C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRAMME\LOGITECH\SETPOINT\KHALMNPR.EXE C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\GEMEIN~1\Nokia\Services\SERVIC~1.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Programme\Raxco\PerfectDisk\PDSched.exe C:\Programme\Logitech\SetPoint\MediaPlayerMgr.exe C:\Programme\Internet Explorer\iexplore.exe C:\PROGRA~1\WINZIP\winzip32.exe e:\Temp\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {EA2F9B93-1CB9-4AD3-8FCF-5879F2049A2B} - C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwgieac.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTDVDDET] C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [SBDrvDet] C:\Programme\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Power Manager] "C:\Programme\Gembird\Power Manager\pm2.exe" -winstartup O4 - HKLM\..\Run: [TrafficMonitor] C:\PROGRA~1\TRAFFI~1\TRAFFICMONITOR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Nokia Tray Application] C:\Programme\Gemeinsame Dateien\Nokia\NCLTools\NclTray.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [cFosSpeed] C:\Programme\cfos\cFosSpeed.exe O4 - HKLM\..\Run: [PPMemCheck] C:\Programme\PestPatrol\PPMemCheck.exe O4 - HKLM\..\Run: [CookiePatrol] C:\Programme\PestPatrol\CookiePatrol.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] \Program\ O4 - HKCU\..\Run: [Password Guard] C:\PROGRA~1\SA269F~1.D\PASSWO~1\pwguard.exe /STARTUP O4 - Startup: Quicken 2005 Zahlungserinnerung.lnk = C:\Programme\Lexware\Quicken2005\billmind.exe O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Preispiraten 2.1.3 - {86DE8B3B-1EB7-4386-84BD-EBE94348A913} - C:\Programme\Preispiraten\Preispiraten2\preispiraten2ie.exe O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O15 - Trusted Zone: www.computerwoche.de O15 - Trusted Zone: www.microsoft.de O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...58/mcfscan.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15010/CTPID.cab O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - C:\Programme\cfos\spd.exe" -service (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDEngine.exe O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Programme\Raxco\PerfectDisk\PDSched.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe Danke Gruß |
29.04.2005, 16:06 | #9 |
| Unbekanntes Verhalten hi ja, sieht gut aus, noch probleme? sieh dich hier einmal um, freeware Mozilla-Kalender Mozilla-Composer NVU Mozilla-Firefox (Browser Mozilla-Thunderbird (Mail) Mozilla-Chatzilla (Erweiterung für den Firefox) Mozilla-Suite (komplett vom Browser über Mail, Chat usw.) erweiterungen zu moz und fox http://filepony.de/19-firefox-plugins/ Seite 1 - firefox.erweiterungen.de Tabbed-Browsing Tabbed-Browsing-Extension
__________________ lg HijackThis, Security-Tool |
Themen zu Unbekanntes Verhalten |
adobe, adobe reader, alert, application, bho, canon, cdrom, dateien, desktop, dll, excel, explorer, file missing, firewall, helfen, hijackthis, internet, internet explorer, lexware, mein log, messenger, microsoft, nvcpl.dll, nvidia, programm, programme, rundll, server, software, system, temp, windows, windows xp |