
Log analysis and evaluation: 2 yellow triangles and 1 red circle :(

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

13.12.2006, 19:24   #1
MaxwellMurder
 
Hey everyone!
I've got a problem with trojans here..

HiJackThis LogFile:
Logfile of HijackThis v1.99.1
Scan saved at 19:10:41, on 13.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\issearch.exe
C:\WINDOWS\system32\ISHOST.EXE
C:\WINDOWS\system32\isnotify.exe
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
D:\Analog Devices\SoundMAX\SMax4.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Macrogaming\SweetIM\SweetIM.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\TEMP\idd16.tmp.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\TEMP\idd61.tmp.exe
C:\WINDOWS\TEMP\idd62.tmp.exe
C:\Programme\Windows Media Player\wmplayer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Carlos\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uboot.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\DOKUME~1\ALLUSE~1\DOKUME~1\DOWNLO~1\FlashGet\fgiebar.dll
O3 - Toolbar: MSN Suche Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\TB\02.05.0000.1105\de-at\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: GMX Toolbar - {2D1DDD38-CE4D-459b-A01C-F11BC92D5B69} - C:\Programme\GMX\GMX Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Programme\Safety Bar\SafetyBar.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\GEMEIN~1\{3063E~1\Bar888.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NI.UWA6PU_0001_N73M1804] "C:\Dokumente und Einstellungen\Carlos\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0HS5U52J\WinAntiVirusPro2006FreeInstall_de[1].exe" -nag
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1031
O4 - HKLM\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvloz.dll,startup
O4 - HKLM\..\Run: [SpyHunter] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [IMOL] IMOLApp.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [DVDXGhost] C:\Programme\DVD Ghost\DVDGhost.EXE
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: uboot joe autostart check.LNK = D:\uboot joe\ubootjoeautostartcheck.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Windows-Desktopsuche.lnk = C:\Programme\MSN Toolbar Suite\DS\02.05.0001.1119\de-at\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm411YYAT
O8 - Extra context menu item: Download All by FlashGet - C:\Dokumente und Einstellungen\All Users\Dokumente\downloads\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Dokumente und Einstellungen\All Users\Dokumente\downloads\FlashGet\jc_link.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - res://C:\Programme\MSN Toolbar Suite\TAB\02.05.0000.1105\de-at\msntabres.dll/229?75deee82ad9d4bbf9514a149a7d71bc5
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - res://C:\Programme\MSN Toolbar Suite\TAB\02.05.0000.1105\de-at\msntabres.dll/230?75deee82ad9d4bbf9514a149a7d71bc5
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\DOKUME~1\ALLUSE~1\DOKUME~1\DOWNLO~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\DOKUME~1\ALLUSE~1\DOKUME~1\DOWNLO~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .UVR: C:\Programme\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - h**p://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - h**p://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - h**p://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - h**p://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - h**p://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: bw+0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: gloomily - {9cc1c589-4b22-4dae-8e12-4c3b5fa12b3f} - C:\WINDOWS\system32\mlraakb.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe

13.12.2006, 19:31   #2
Sunny
Administrator
> Competence Manager
 

Hello.

Why don't you use the board search??? This problem has come up here thousands of times already...

Your system is already pretty messed up, though: WINANTIVIRUS, VIRUSBURSTERS, MYWEBSEARCH, and quite a lot of MALWARE.

Is there a possibility that you could set up your system completely from scratch? Because anything else would be very time-consuming, and in addition the risk remains that afterwards still not everything has been removed!

Regards
Sunny

13.12.2006, 19:37   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
I've looked through the logfile as well. There really is quite a lot of junk on there. I would also rather set it up from scratch here; it's safer and probably faster too.

13.12.2006, 19:52   #4
MaxwellMurder
 
Uhhm.. Set it up from scratch? Sounds bad.. how is that supposed to work? I have no clue what I need to do there..

13.12.2006, 21:19   #5
MaxwellMurder
 
Sooo,... I downloaded SmitfraudFix earlier and let it run a check in Safe Mode, and somehow all the viruses are gone. All the pop-ups, the changed start page, the triangles.. ALL GONE +hopping in a circle+ Thanks for your help, guys ^^


13.12.2006, 21:51   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
On the surface it may seem to be gone, but it is possible that critters are still lurking in the system but no longer make themselves properly noticeable.
Please create a new HijackThis logfile and post it. Also post a logfile from datfindbat; to do so, work through these instructions.

13.12.2006, 22:00   #7
MaxwellMurder
 
DatFindBat:

System32:
Datenträger in Laufwerk C: ist SYSTEM
Volumeseriennummer: A063-E2B4

Verzeichnis von C:\WINDOWS\system32

13.12.2006 21:54 690.681 qtvwa.ini
13.12.2006 20:58 2.206 wpa.dbl
13.12.2006 20:57 50.183 nvapps.xml
13.12.2006 20:12 663.786 qtvwa.ini2
13.12.2006 13:10 143 mcrh.tmp
13.12.2006 08:09 88.340 myhxkvxt.exe
12.12.2006 14:35 45 initdebug.nfo
12.12.2006 07:54 88.340 hgewvdvx.exe
12.12.2006 07:54 602.689 qtvwa.bak2
11.12.2006 18:29 88.340 wscdkmiy.exe
10.12.2006 19:00 90.164 jkkji.dll
10.12.2006 18:28 88.340 sjerbafg.exe
10.12.2006 17:18 72.704 drvloz.dll
10.12.2006 17:18 40.973 gebabya.dll
10.12.2006 14:20 90.164 mlljg.dll
09.12.2006 20:14 72.704 drvnad.dll
09.12.2006 20:13 40.973 opnnkkl.dll
09.12.2006 20:12 126.996 gdrsqroq.dll
09.12.2006 18:08 88.340 gpmxpjyn.exe
09.12.2006 12:03 88.340 egklxxsn.exe
07.12.2006 23:33 42.516 bdunxfxc.dll
07.12.2006 23:33 126.996 rwthwccm.dll
07.12.2006 23:33 88.340 hwufcrlr.exe
07.12.2006 23:33 585.909 qtvwa.bak1
07.12.2006 23:31 276.532 awvtq.dll
07.12.2006 20:54 72.704 drvvef.dll
07.12.2006 20:54 40.973 jkkkjhe.dll
07.12.2006 20:54 19.456 winwil32.dll
07.12.2006 16:53 16.832 amcompat.tlb
07.12.2006 16:53 23.392 nscompat.tlb
01.12.2006 05:20 79.360 swxcacls.exe
10.11.2006 09:56 77.714 perfc007.dat
10.11.2006 09:56 64.574 perfc009.dat
10.11.2006 09:56 422.246 perfh007.dat
10.11.2006 09:56 406.786 perfh009.dat
10.11.2006 09:56 945.708 PerfStringBackup.INI
08.11.2006 02:38 10.342.824 MRT.exe
04.11.2006 16:45 43.520 CmdLineExt03.dll
04.11.2006 14:14 1.245.696 msxml4.dll
03.11.2006 10:02 8.282.112 wmploc.dll
03.11.2006 09:56 99.840 wmpshell.dll
03.11.2006 09:55 275.968 wmerror.dll
03.11.2006 09:54 8.192 asferror.dll
02.11.2006 11:51 43.008 wpdshextres.dll
18.10.2006 21:58 8.704 uwdf.exe
18.10.2006 21:58 8.704 wdfmgr.exe
18.10.2006 21:47 4.096 WMVADVE.DLL
18.10.2006 21:47 4.096 WMVADVD.dll
18.10.2006 21:47 154.624 wpdmtp.dll
18.10.2006 21:47 603.648 WMSPDMOD.dll
18.10.2006 21:47 2.450.944 wmvcore.dll
18.10.2006 21:47 4.096 wmvdmoe2.dll
18.10.2006 21:47 63.488 wpdmtpus.dll
18.10.2006 21:47 1.574.912 WMVENCOD.dll
18.10.2006 21:47 35.840 wpdconns.dll
18.10.2006 21:47 2.603.008 WpdShext.dll
18.10.2006 21:47 1.382.912 WMVSDECD.dll
18.10.2006 21:47 4.096 wmsdmoe2.dll
18.10.2006 21:47 133.632 WPDShServiceObj.dll
18.10.2006 21:47 356.352 wpdsp.dll
18.10.2006 21:47 629.760 wpd_ci.dll
18.10.2006 21:47 4.096 wmvdmod.dll
18.10.2006 21:47 2.450.944 SET120.tmp
18.10.2006 21:47 767.488 WMVSENCD.dll
18.10.2006 21:47 4.096 wmsdmod.dll
18.10.2006 21:47 656.896 WMVXENCD.dll
18.10.2006 21:47 1.543.680 WMVDECOD.dll
18.10.2006 21:47 1.329.152 WMSPDMOE.dll
18.10.2006 21:47 535.040 wmdrmsdk.dll
18.10.2006 21:47 157.184 wmidx.dll
18.10.2006 21:47 937.984 wmnetmgr.dll
18.10.2006 21:47 10.834.432 wmp.dll
18.10.2006 21:47 242.688 wmpasf.dll
18.10.2006 21:47 314.880 wmpdxm.dll
18.10.2006 21:47 295.936 wmpeffects.dll
18.10.2006 21:47 1.661.440 wmpencen.dll
18.10.2006 21:47 613.376 wmpmde.dll
18.10.2006 21:47 130.048 wmpps.dll
18.10.2006 21:47 204.288 wmpsrcwp.dll
18.10.2006 21:47 242.688 SET166.tmp
18.10.2006 21:47 937.984 SET119.tmp
18.10.2006 21:47 348.672 wmdrmnet.dll
18.10.2006 21:47 166.912 PortableDeviceTypes.dll
18.10.2006 21:47 132.096 PortableDeviceWiaCompat.dll
18.10.2006 21:47 4.096 wdfapi.dll
18.10.2006 21:47 757.248 wmadmod.dll
18.10.2006 21:47 211.456 qasf.dll
18.10.2006 21:47 1.117.696 WMADMOE.dll
18.10.2006 21:47 222.208 wmasf.dll
18.10.2006 21:47 33.792 wmdmlog.dll
18.10.2006 21:47 37.376 wmdmps.dll
18.10.2006 21:47 429.056 wmdrmdev.dll
18.10.2006 21:47 101.888 PortableDeviceClassExtension.dll
18.10.2006 21:47 284.160 PortableDeviceApi.dll
18.10.2006 21:47 199.168 PortableDeviceWMDRM.dll
18.10.2006 21:47 757.248 SET112.tmp
18.10.2006 21:47 222.208 SET114.tmp
18.10.2006 21:47 414.208 msscp.dll
18.10.2006 21:47 175.616 mspmsp.dll
18.10.2006 21:47 179.712 msnetobj.dll
18.10.2006 21:47 321.536 mswmdm.dll
18.10.2006 21:47 27.136 mspmsnsv.dll
18.10.2006 21:47 4.096 MP43DMOD.dll
18.10.2006 21:47 259.072 MP43DECD.dll
18.10.2006 21:47 317.440 MP4SDECD.dll
18.10.2006 21:47 212.992 MFPLAT.dll
18.10.2006 21:47 4.096 MPG4DMOD.dll
18.10.2006 21:47 4.096 MP4SDMOD.dll
18.10.2006 21:47 259.072 MPG4DECD.dll
18.10.2006 21:47 11.264 LAPRXY.dll
18.10.2006 21:47 229.376 cewmdm.dll
18.10.2006 21:47 991.744 drmv2clt.dll
18.10.2006 21:47 542.720 blackbox.dll
18.10.2006 21:47 276.992 audiodev.dll
18.10.2006 20:05 232.448 l3codecp.acm
18.10.2006 20:03 100.864 logagent.exe
18.10.2006 20:00 249.856 drmupgds.exe
18.10.2006 20:00 17.408 wpdshextautoplay.exe
16.10.2006 11:40 123.392 xpsp3res.dll
13.10.2006 13:35 65.536 nwwks.dll
13.10.2006 13:35 64.000 nwapi32.dll
13.10.2006 13:35 146.432 nwprovau.dll
04.10.2006 19:45 269.392 FNTCACHE.DAT
02.10.2006 15:28 312.128 msdelta.dll
28.09.2006 20:13 95.344 WUDFCoinstaller.dll
28.09.2006 18:56 146.432 WudfHost.exe
28.09.2006 18:56 316.416 WUDFx.dll
28.09.2006 18:56 165.376 WudfPlatform.dll
28.09.2006 18:56 55.808 WudfSvc.dll
25.09.2006 17:58 14.640 spmsg.dll
25.09.2006 17:58 23.856 spupdsvc.exe
24.09.2006 14:28 5.248 speedfan.sys
24.09.2006 02:42 65.536 QuickTimeVR.qtx
24.09.2006 02:42 49.152 QuickTime.qts
14.09.2006 09:39 474.624 shlwapi.dll
14.09.2006 09:39 664.576 wininet.dll
14.09.2006 09:39 615.936 urlmon.dll
14.09.2006 09:39 532.480 mstime.dll
14.09.2006 09:39 39.424 pngfilt.dll
14.09.2006 09:39 3.075.584 mshtml.dll
14.09.2006 09:39 146.432 msrating.dll
14.09.2006 09:39 448.512 mshtmled.dll
14.09.2006 09:39 205.312 dxtrans.dll
14.09.2006 09:39 251.392 iepeers.dll
14.09.2006 09:39 16.384 jsproxy.dll
14.09.2006 09:39 55.808 extmgr.dll
14.09.2006 09:39 357.888 dxtmsft.dll
14.09.2006 09:39 96.768 inseng.dll
14.09.2006 09:39 152.064 cdfview.dll
14.09.2006 09:39 1.022.976 browseui.dll
14.09.2006 09:39 1.056.256 danim.dll
13.09.2006 06:02 1.084.416 msxml3.dll

Systemtemp:
Datenträger in Laufwerk C: ist SYSTEM
Volumeseriennummer: A063-E2B4

Verzeichnis von C:\DOKUME~1\Carlos\LOKALE~1\Temp

13.12.2006 20:58 512 ~DF143B.tmp
13.12.2006 20:58 442.368 ~DF138D.tmp
13.12.2006 20:58 512 ~DF6CCD.tmp
13.12.2006 20:58 442.368 ~DF6908.tmp
13.12.2006 20:50 583 LVCOMSX.LOG
13.12.2006 20:47 16.384 ~DF5157.tmp
13.12.2006 20:47 16.384 ~DF1D23.tmp
7 Datei(en) 919.111 Bytes
0 Verzeichnis(se), 1.554.239.488 Bytes frei

System:
Datenträger in Laufwerk C: ist SYSTEM
Volumeseriennummer: A063-E2B4

Verzeichnis von C:\WINDOWS

13.12.2006 21:04 1.953.047 WindowsUpdate.log
13.12.2006 20:57 0 0.log
13.12.2006 20:57 159 wiadebug.log
13.12.2006 20:57 50 wiaservc.log
13.12.2006 20:57 2.048 bootstat.dat
13.12.2006 20:55 32.566 SchedLgU.Txt
13.12.2006 20:54 2.560 _MSRSTRT.EXE
13.12.2006 20:40 178.730 setupact.log
13.12.2006 20:40 270.796 ntbtlog.txt
12.12.2006 08:23 217.153 wmsetup.log
10.12.2006 13:32 1.409 QTFont.for
10.12.2006 13:32 54.156 QTFont.qfn
09.12.2006 14:13 473.980 setupapi.log
09.12.2006 13:07 202 NeroDigital.ini
09.12.2006 12:20 2.273 IE4 Error Log.txt
07.12.2006 16:53 50.836 spupdsvc.log
07.12.2006 16:50 971 wmsetup10.log
07.12.2006 16:48 157.564 ntdtcsetup.log
07.12.2006 16:48 252.868 comsetup.log
07.12.2006 16:48 967.043 iis6.log
07.12.2006 16:48 352.516 tsoc.log
07.12.2006 16:48 1.374 imsins.log
07.12.2006 16:48 41.205 ocmsn.log
07.12.2006 16:48 35.462 tabletoc.log
07.12.2006 16:48 7.909 KB926239.log
07.12.2006 16:48 128.837 netfxocm.log
07.12.2006 16:48 53.029 MedCtrOC.log
07.12.2006 16:48 401.697 ocgen.log
07.12.2006 16:48 38.163 msgsocm.log
07.12.2006 16:48 717.675 FaxSetup.log
07.12.2006 16:48 255.408 msmqinst.log
07.12.2006 16:48 43.592 updspapi.log
07.12.2006 16:48 1.374 imsins.BAK
07.12.2006 16:48 4.925 MSCompPackV1.log
07.12.2006 16:47 18.403 wmp11.log
07.12.2006 16:47 774 win.ini
07.12.2006 16:45 26.312 WMFDist11.log
07.12.2006 16:45 316.640 WMSysPr9.prx
07.12.2006 16:44 12.206 Wudf01000Inst.log
05.12.2006 15:14 14.268 ie7_main.log
05.12.2006 15:14 2.753 ie7.log
05.12.2006 15:13 7.731 IDNMitigationAPIs.log
05.12.2006 15:10 7.408 NLSDownlevelMapping.log
05.12.2006 15:07 5.544 KB915865.log
30.11.2006 16:01 49.103 cdplayer.ini
17.11.2006 08:53 16.860 KB923980.log
17.11.2006 08:53 16.505 KB924270.log
17.11.2006 08:53 15.680 KB920213.log
17.11.2006 08:53 17.851 KB922760.log
08.11.2006 12:32 65.536 IFinst27.exe
07.11.2006 21:33 2.394 disney.ini
04.11.2006 16:44 17.505 DIIUnin.dat
04.11.2006 16:22 2.829 DIIUnin.pif
04.11.2006 16:22 102.400 DIIUnin.exe
02.11.2006 17:50 1.669 VMINST.LOG
02.11.2006 17:50 1.027 VMINST3.CKP
28.10.2006 15:15 71.757 DirectX.log
20.10.2006 17:30 74 UBURN.DAT
20.10.2006 16:04 3.022 mozver.dat
16.10.2006 17:33 23.959 cddabase.ini
14.10.2006 00:35 13.608 KB924191.log
14.10.2006 00:35 13.220 KB922819.log
14.10.2006 00:35 11.430 KB923414.log
14.10.2006 00:34 11.425 KB924496.log
14.10.2006 00:34 8.789 KB923191.log
05.10.2006 14:39 26.422 KB893803v2.log
04.10.2006 07:48 10.609 KB925486.log
14.09.2006 13:10 13.897 KB920685.log
14.09.2006 13:10 15.024 KB920872.log
14.09.2006 13:10 13.320 KB919007.log
14.09.2006 13:09 9.302 KB922582.log

Down:
Datenträger in Laufwerk C: ist SYSTEM
Volumeseriennummer: A063-E2B4

Verzeichnis von C:\WINDOWS\Downloaded Program Files

09.11.2006 14:36 5.019 swflash.inf
18.07.2006 14:35 151.080 ZIntro.ocx

sys:
Datenträger in Laufwerk C: ist SYSTEM
Volumeseriennummer: A063-E2B4

Verzeichnis von C:\

13.12.2006 21:59 0 sys.txt
13.12.2006 21:59 1.047 down.txt
13.12.2006 21:58 48.101 tmp.txt
13.12.2006 21:58 13.342 system.txt
13.12.2006 21:55 580 systemtemp.txt
13.12.2006 21:54 113.800 system32.txt
13.12.2006 20:57 536.137.728 hiberfil.sys
13.12.2006 20:57 1.073.741.824 pagefile.sys
13.12.2006 20:39 2.027 rapport.txt
30.10.2006 18:58 91 winamp.ini

Old 13.12.2006, 22:01   #8
MaxwellMurder
 
HiJackThis:

Logfile of HijackThis v1.99.1
Scan saved at 22:01:03, on 13.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
D:\Analog Devices\SoundMAX\SMax4.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Macrogaming\SweetIM\SweetIM.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programme\Windows Media Player\wmplayer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Carlos\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uboot.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\DOKUME~1\ALLUSE~1\DOKUME~1\DOWNLO~1\FlashGet\fgiebar.dll
O3 - Toolbar: MSN Suche Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\TB\02.05.0000.1105\de-at\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (file missing)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: GMX Toolbar - {2D1DDD38-CE4D-459b-A01C-F11BC92D5B69} - C:\Programme\GMX\GMX Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: Safety Bar - {18668683-731c-48fa-b1b9-ad013748fb00} - C:\Programme\Safety Bar\SafetyBar.dll (file missing)
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\GEMEIN~1\{3063E~1\Bar888.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Analog Devices\SoundMAX\SMax4.exe" /tray
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NI.UWA6PU_0001_N73M1804] "C:\Dokumente und Einstellungen\Carlos\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0HS5U52J\WinAntiVirusPro2006FreeInstall_de[1].exe" -nag
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programme\DAEMON Tools\daemon.exe" -lang 1031
O4 - HKLM\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [IMOL] IMOLApp.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [DVDXGhost] C:\Programme\DVD Ghost\DVDGhost.EXE
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: PowerReg Scheduler.exe
O4 - Startup: uboot joe autostart check.LNK = D:\uboot joe\ubootjoeautostartcheck.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Windows-Desktopsuche.lnk = C:\Programme\MSN Toolbar Suite\DS\02.05.0001.1119\de-at\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm411YYAT
O8 - Extra context menu item: Download All by FlashGet - C:\Dokumente und Einstellungen\All Users\Dokumente\downloads\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Dokumente und Einstellungen\All Users\Dokumente\downloads\FlashGet\jc_link.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - res://C:\Programme\MSN Toolbar Suite\TAB\02.05.0000.1105\de-at\msntabres.dll/229?75deee82ad9d4bbf9514a149a7d71bc5
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - res://C:\Programme\MSN Toolbar Suite\TAB\02.05.0000.1105\de-at\msntabres.dll/230?75deee82ad9d4bbf9514a149a7d71bc5
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\DOKUME~1\ALLUSE~1\DOKUME~1\DOWNLO~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\DOKUME~1\ALLUSE~1\DOKUME~1\DOWNLO~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .UVR: C:\Programme\Internet Explorer\Plugins\NPUPano.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: bw+0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw+0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw-0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw00s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw10s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw20s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw30s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw40s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw50s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw60s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw70s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw80s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bw90s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwa0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwb0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwc0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwd0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwe0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwf0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwg0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwh0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwi0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwj0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwk0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwl0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwm0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwn0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwo0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwp0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwq0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwr0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bws0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwt0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwu0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwv0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bww0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwx0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwy0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: bwz0s - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {98724A33-1DA7-47C6-97D8-29A25EF50487} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe

Old 13.12.2006, 22:55   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Your system is definitely not clean yet; there are still some dubious files in the C:\WINDOWS\system32 folder, e.g.:

13.12.2006 21:54 690.681 qtvwa.ini
13.12.2006 20:12 663.786 qtvwa.ini2
13.12.2006 08:09 88.340 myhxkvxt.exe
12.12.2006 07:54 88.340 hgewvdvx.exe
12.12.2006 07:54 602.689 qtvwa.bak2
11.12.2006 18:29 88.340 wscdkmiy.exe
10.12.2006 19:00 90.164 jkkji.dll
10.12.2006 18:28 88.340 sjerbafg.exe
10.12.2006 17:18 72.704 drvloz.dll
10.12.2006 17:18 40.973 gebabya.dll
10.12.2006 14:20 90.164 mlljg.dll
09.12.2006 20:14 72.704 drvnad.dll
09.12.2006 20:13 40.973 opnnkkl.dll
09.12.2006 20:12 126.996 gdrsqroq.dll
09.12.2006 18:08 88.340 gpmxpjyn.exe
09.12.2006 12:03 88.340 egklxxsn.exe
07.12.2006 23:33 42.516 bdunxfxc.dll
07.12.2006 23:33 126.996 rwthwccm.dll
07.12.2006 23:33 88.340 hwufcrlr.exe
07.12.2006 23:33 585.909 qtvwa.bak1
07.12.2006 23:31 276.532 awvtq.dll
07.12.2006 20:54 72.704 drvvef.dll
07.12.2006 20:54 40.973 jkkkjhe.dll
07.12.2006 20:54 19.456 winwil32.dll
07.12.2006 16:53 16.832 amcompat.tlb
07.12.2006 16:53 23.392 nscompat.tlb
01.12.2006 05:20 79.360 swxcacls.exe


Don't delete them right away, though; have at least a few of them analyzed online at Jotti and post the results.
A small tip: some of the malware seems to be present there several times over; you can tell from the file size. OK, that's no proof, but it is at least a hint at several identical files that differ only in their file name.

On the whole, though, the system gives a pretty messed-up impression. IMHO it is rather unlikely that everything can really, and above all safely, be cleaned up.
__________________
Please always post log files in CODE tags
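
The file-size hint from the post above, as an added example that is not part of the original thread: it parses German-locale `dir` output, groups `.exe`/`.dll` files by exact size, and then confirms candidates by SHA-256, since equal size alone proves nothing. The function names are assumptions made for this example; the sample listing is an excerpt of the lines quoted in the post.

```python
import hashlib
import re
from collections import defaultdict
from pathlib import Path

# Excerpt of the `dir` listing quoted in the post above (German locale:
# DD.MM.YYYY HH:MM, size with "." as thousands separator, file name).
LISTING = """\
13.12.2006 21:54 690.681 qtvwa.ini
13.12.2006 08:09 88.340 myhxkvxt.exe
12.12.2006 07:54 88.340 hgewvdvx.exe
11.12.2006 18:29 88.340 wscdkmiy.exe
10.12.2006 19:00 90.164 jkkji.dll
10.12.2006 17:18 72.704 drvloz.dll
10.12.2006 17:18 40.973 gebabya.dll
10.12.2006 14:20 90.164 mlljg.dll
09.12.2006 20:14 72.704 drvnad.dll
09.12.2006 20:13 40.973 opnnkkl.dll
09.12.2006 20:12 126.996 gdrsqroq.dll
07.12.2006 23:33 126.996 rwthwccm.dll
07.12.2006 20:54 19.456 winwil32.dll
01.12.2006 05:20 79.360 swxcacls.exe
"""

# date, time, size (digits and dots only, so "<DIR>" rows never match), name
DIR_LINE = re.compile(
    r"^(\d{2}\.\d{2}\.\d{4})\s+(\d{2}:\d{2})\s+([\d.]+)\s+(.+?)\s*$"
)


def parse_dir_listing(text):
    """Return (size_in_bytes, name) per file line; skip headers, <DIR> rows and totals."""
    entries = []
    for line in text.splitlines():
        m = DIR_LINE.match(line.strip())
        if m:
            size = int(m.group(3).replace(".", ""))
            entries.append((size, m.group(4)))
    return entries


def same_size_clusters(entries, extensions=(".exe", ".dll"), min_count=2):
    """Group executable files by exact size; keep sizes seen at least min_count times."""
    by_size = defaultdict(list)
    for size, name in entries:
        if name.lower().endswith(extensions):
            by_size[size].append(name)
    return {s: sorted(n) for s, n in by_size.items() if len(n) >= min_count}


def confirm_by_hash(paths):
    """Group candidate files by SHA-256; only equal digests mean identical content."""
    by_digest = defaultdict(list)
    for p in map(Path, paths):
        by_digest[hashlib.sha256(p.read_bytes()).hexdigest()].append(p.name)
    return [sorted(names) for names in by_digest.values() if len(names) > 1]


if __name__ == "__main__":
    clusters = same_size_clusters(parse_dir_listing(LISTING))
    for size, names in sorted(clusters.items()):
        print(f"{size:>9} bytes: {', '.join(names)}")
```

`confirm_by_hash` is meant to be run against copies of the flagged files taken from the affected disk; files in one size cluster that hash differently are not the same binary.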

Old 13.12.2006, 23:08   #10
felix1
/// Helper Team
 
Quote:
Quote from MaxwellMurder
Sooo... I downloaded SmitfraudFix earlier and had it run a check in Safe Mode, and somehow all the viruses are gone. All the pop-ups, the changed start page, the triangles... ALL GONE +hops around in a circle+ Thanks for your help, guys ^^
Only you think that. With the junk that is still present, the advice from Sunny and Cosinus makes perfect sense:
http://www.trojaner-board.de/12154-a...sicherung.html
__________________
Regards,

Felix

No help via PM or e-mail

14.12.2006, 13:59   #11
MaxwellMurder

Okay.. I had them all checked at Jotti... the following are infected:
drvloz.dll
myhxkvxt.exe
wscdkmiy.exe
sjerbafg.exe
gebabya.dll
drvnad.dll
oppnkkl.dll
gdrsqrag.dll
gpmxpjyn.exe
egklxxsn.exe
bdunxfxc.dll
rwthwxxm.dll
hwufcrlr.exe
awvtq.dll (maybe)
druvvef.dll
jkkkhe.dll
winwil32.dll

That's it..

14.12.2006, 20:16   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

And why don't you tell us which malware was found?
__________________
Please always post log files in CODE tags

14.12.2006, 21:52   #13
MaxwellMurder

I had AntiVir run a check.. it found 16, I deleted them all.
Sorry if I did something wrong, I know next to nothing about PCs when it comes to this topic. =) Anyway.. every time I open Mozilla Firefox, my AntiVir shows the message that awvtq.dll wants to get into my system. Well.. I've now put it in quarantine and the message no longer appears.. =)

14.12.2006, 21:55   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

But you still won't get your system clean this way, only by reinstalling Windows. Follow this http://www.trojaner-board.de/12154-a...sicherung.html
__________________
Please always post log files in CODE tags
