Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Hilfe bei Spyaxe

Hilfe bei Spyaxe


Plagegeister aller Art und deren Bekämpfung: Hilfe bei Spyaxe

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 31.12.2005, 16:46   #1
Shari
 
Hilfe bei Spyaxe - Standard

Hilfe bei Spyaxe


Hallo,
ich verfolge seit einigen Tagen die Diskussionen um Spyaxe. Die habe ich nämlich auch! Ich bin Euren Hinweisen soweit gefolgt, daß ich im abgesicherten Modus Smitrem, Adaware, Spybot und Escan ausgeführt habe. Danach bin ich im normalen Modus hochgefahren und habe mit HijackThis ein Logfile erstellt. Das HijackThis Log hänge ich an. Bei den anderen bekomme ich Meldungen, daß der hochzuladende Text zu lang ist. Wie gehe ich damit um?

Bitte helft mir weiter, wie ich dem lästigen Ding beikommen kann. Danke und einen guten Rutsch!!!

Hijackthis Logfile
______________________

Logfile of HijackThis v1.99.1
Scan saved at 16:11:07, on 31.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\PROGRA~1\eScan\TRAYSSER.EXE
C:\PROGRA~1\eScan\avpm.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\NILaunch.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Programme\inKline Global\PC Booster\pcbooster.exe
C:\Programme\T-DSL SpeedManager\SpeedMgr.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\Common Files\Companion Wizard\compwiz.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\WinAntiVirus Pro 2006\winav.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\PROGRA~1\eScan\TRAYICOS.EXE
C:\PROGRA~1\eScan\AVPMWrap.EXE
C:\Programme\T-DSL SpeedManager\tsmsvc.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\PROGRA~1\eScan\MAILDISP.EXE
C:\Programme\WinAntiVirus Pro 2006\FWSvc.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\eScan\AvpM.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
C:\Programme\Yahoo!\Messenger\ymsgr_tray.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
C:\Programme\Wincommander\WINCMD32.EXE
C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRA~1\eScan\MAILSCAN.EXE
C:\PROGRA~1\eScan\SPOOLER.EXE
C:\PROGRA~1\eScan\kavss.exe
D:\Download\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn3\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [PC Booster] C:\Programme\inKline Global\PC Booster\pcbooster.exe
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [CompanionWizard] "C:\Programme\Common Files\Companion Wizard\compwiz.exe" /silent
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [WinAntiVirusPro2006] C:\Programme\WinAntiVirus Pro 2006\winav.exe /min
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MailScan Dispatcher] "C:\Programme\eScan\LAUNCH.EXE"
O4 - HKLM\..\Run: [eScan Updater] C:\PROGRA~1\eScan\TRAYICOS.EXE /App
O4 - HKLM\..\Run: [eScan Monitor] C:\PROGRA~1\eScan\AVPMWrap.EXE
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programme\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash
O4 - HKCU\..\Run: [SpyTrooper] C:\Program Files\SpyTrooper\SpyTrooper.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmesde.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmesde.dll
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {07E3F115-C445-480D-94CB-ECA914A353CE} - h**p://www.medionshop.de/ (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'mwtsp.dll' missing
O14 - IERESET.INF: START_PAGE_URL=h**p://www.aldi.com
O15 - Trusted Zone: h**p://*.billingnow.com
O15 - Trusted Zone: h**p://*.reliablestats.com
O15 - Trusted Zone: h**p://*.winantispyware.com
O15 - Trusted Zone: h**p://*.winantivirus.com
O15 - Trusted Zone: h**p://*.winantiviruspro.com
O15 - Trusted Zone: h**p://*.winfixer.com
O15 - Trusted Zone: h**p://*.winnanny.com
O15 - Trusted Zone: h**p://*.winsoftware.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - h**p://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - h**p://software-dl.real.com/04a30f04300bfbf27206/netzip/RdxIE601_de.cab
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - h**ps://img.web.de/v/mail/activex/mail_upload_1123.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - h**p://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135025085000
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - h**p://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - h**p://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: bw+0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {80008C72-0F29-478A-B2B1-B093B1D4ADB5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: text/html - (no CLSID) - (no file)
O18 - Filter: text/plain - (no CLSID) - (no file)
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: eScan Server-Updater (eScan-trayicos) - MWTI2 - C:\PROGRA~1\eScan\TRAYSSER.EXE
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Programme\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: eScan Monitor Service (KAVMonitorService) - Kaspersky Labs. - C:\PROGRA~1\eScan\avpm.exe
O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Alt 01.01.2006, 05:00   #2
dartus
 
Hilfe bei Spyaxe - Standard

Hilfe bei Spyaxe


Hallo Shari,

wechsel in den abgesicherten Modus bei deaktivierter Systemwiederherstellung http://www.systemwiederherstellung-d...indows-xp.html und fixe (Scan mit HJT, Häckchen vor Eintrag und auf fix checked klicken):

alle "015"- und "018"-Einträge

Neustart-> Sytemwiederherstellung kann wieder aktiiert werden

Neues Logfile und berichten

dartus
__________________

__________________
Alt 01.01.2006, 11:12   #3
Shari
 
Hilfe bei Spyaxe - Standard

Hilfe bei Spyaxe


Hallo dartus,

ich habe im abgesicherten Modus die genannten Einträge gefixt. Danach habe ich direkt ein neues Log geschrieben - dort fehlten auch die 015 und 018 Einträge. Nach dem Neustart und einem erneuten HJT Log waren die 015 Einträge wieder da.

Hier das Log:

Logfile of HijackThis v1.99.1
Scan saved at 11:00:34, on 01.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\PROGRA~1\eScan\TRAYSSER.EXE
C:\PROGRA~1\eScan\avpm.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\CNYHKey.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\NILaunch.exe
C:\Programme\QuickTime\qttask.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Programme\inKline Global\PC Booster\pcbooster.exe
C:\Programme\T-DSL SpeedManager\SpeedMgr.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\Common Files\Companion Wizard\compwiz.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe
C:\Programme\WinAntiVirus Pro 2006\winav.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\eScan\TRAYICOS.EXE
C:\PROGRA~1\eScan\AVPMWrap.EXE
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\eScan\MAILDISP.EXE
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
C:\PROGRA~1\eScan\SPOOLER.EXE
C:\PROGRA~1\eScan\MAILSCAN.EXE
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Programme\WinAntiVirus Pro 2006\FWSvc.exe
C:\Programme\T-DSL SpeedManager\tsmsvc.exe
C:\PROGRA~1\eScan\AvpM.exe
C:\PROGRA~1\eScan\kavss.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\kernel.exe
C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis2\sc_watch.exe
C:\Programme\Wincommander\WINCMD32.EXE
D:\Download\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn3\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [PC Booster] C:\Programme\inKline Global\PC Booster\pcbooster.exe
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [CompanionWizard] "C:\Programme\Common Files\Companion Wizard\compwiz.exe" /silent
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [ToADiMon.exe] C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart
O4 - HKLM\..\Run: [WinAntiVirusPro2006] C:\Programme\WinAntiVirus Pro 2006\winav.exe /min
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MailScan Dispatcher] "C:\Programme\eScan\LAUNCH.EXE"
O4 - HKLM\..\Run: [eScan Updater] C:\PROGRA~1\eScan\TRAYICOS.EXE /App
O4 - HKLM\..\Run: [eScan Monitor] C:\PROGRA~1\eScan\AVPMWrap.EXE
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programme\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash
O4 - HKCU\..\Run: [SpyTrooper] C:\Program Files\SpyTrooper\SpyTrooper.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmesde.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmesde.dll
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: MedionShop - {07E3F115-C445-480D-94CB-ECA914A353CE} - h**p://www.medionshop.de/ (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'mwtsp.dll' missing
O14 - IERESET.INF: START_PAGE_URL=h**p://www.aldi.com
O15 - Trusted Zone: h**p://*.billingnow.com
O15 - Trusted Zone: h**p://*.reliablestats.com
O15 - Trusted Zone: h**p://*.winantispyware.com
O15 - Trusted Zone: h**p://*.winantivirus.com
O15 - Trusted Zone: h**p://*.winantiviruspro.com
O15 - Trusted Zone: h**p://*.winfixer.com
O15 - Trusted Zone: h**p://*.winnanny.com
O15 - Trusted Zone: h**p://*.winsoftware.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - h**p://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - h**p://software-dl.real.com/04a30f04300bfbf27206/netzip/RdxIE601_de.cab
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - h**ps://img.web.de/v/mail/activex/mail_upload_1123.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - h**p://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1135025085000
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - h**p://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - h**p://chat.msn.com/bin/msnchat45.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: eScan Server-Updater (eScan-trayicos) - MWTI2 - C:\PROGRA~1\eScan\TRAYSSER.EXE
O23 - Service: Firewall service (FWSvc) - WinSoftware, Ltd. - C:\Programme\WinAntiVirus Pro 2006\FWSvc.exe
O23 - Service: eScan Monitor Service (KAVMonitorService) - Kaspersky Labs. - C:\PROGRA~1\eScan\avpm.exe
O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Ich habe ja auch noch die Logs vom Escan und Smitrem. Aber ich weiß nicht, wie ich diese hier posten kann, ohne die Meldung zu bekommen, daß die Zeichenlänge überschritten ist.

Gruß,
Shari
__________________
Antwort

Themen zu Hilfe bei Spyaxe
abgesicherten modus, antivirus, bho, canon, computer, danke, desktop, download, drivers, explorer, firewall, hijack, hijackthis, hijackthis log, home, internet, internet explorer, kaspersky, logfile, monitor, programme, rundll, software, symantec, system, t-online, windows, windows xp, yahoo, zu lang


« S.O.D's escan Virus Log Information | Panda-scann entdeckt spayware »


Ähnliche Themen: Hilfe bei Spyaxe


  1. Hilfe! Spyaxe will nicht weggehen
    Log-Analyse und Auswertung - 05.02.2006 (7)
  2. SpyAxe...brauche hilfe
    Log-Analyse und Auswertung - 11.01.2006 (39)
  3. SpyAxe ?
    Log-Analyse und Auswertung - 06.01.2006 (13)
  4. SpyAxe!!! Brauche dringen Hilfe bin kurz vor einem Nervenzusammenbruch
    Plagegeister aller Art und deren Bekämpfung - 02.01.2006 (151)
  5. Spyaxe die 2te
    Log-Analyse und Auswertung - 31.12.2005 (14)
  6. Spyaxe
    Log-Analyse und Auswertung - 31.12.2005 (13)
  7. SpyAxe ?
    Plagegeister aller Art und deren Bekämpfung - 29.12.2005 (3)
  8. spyaxe
    Antiviren-, Firewall- und andere Schutzprogramme - 28.12.2005 (2)
  9. Spyaxe Virus! Bitte dringend um Hilfe!!
    Plagegeister aller Art und deren Bekämpfung - 14.12.2005 (27)
  10. Spyaxe
    Plagegeister aller Art und deren Bekämpfung - 10.12.2005 (1)
  11. Spyaxe/Spytrooper/Spyguard/SmitfraudC - Hilfe bitte
    Plagegeister aller Art und deren Bekämpfung - 08.12.2005 (10)
  12. spyaxe .... bitte um hilfe !!!
    Log-Analyse und Auswertung - 08.12.2005 (10)
  13. Mal wieder sch*** Spyaxe, brauche hilfe!
    Plagegeister aller Art und deren Bekämpfung - 24.11.2005 (3)
  14. Spyaxe - Bitte um Hilfe!
    Plagegeister aller Art und deren Bekämpfung - 19.11.2005 (4)
  15. SPYAXE...hilfe!!!!
    Plagegeister aller Art und deren Bekämpfung - 19.11.2005 (3)
  16. SpyAxe !
    Plagegeister aller Art und deren Bekämpfung - 17.11.2005 (1)
  17. SpyAxe!!! Brauche dringen Hilfe
    Mülltonne - 09.11.2005 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Hilfe bei Spyaxe - Hallo, ich verfolge seit einigen Tagen die Diskussionen um Spyaxe. Die habe ich nämlich auch! Ich bin Euren Hinweisen soweit gefolgt, daß ich im abgesicherten Modus Smitrem, Adaware, Spybot und - Hilfe bei Spyaxe...
Archiv
Du betrachtest: Hilfe bei Spyaxe auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131