Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Cid Popups

Cid Popups


Log-Analyse und Auswertung: Cid Popups

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 06.08.2007, 19:12   #1
Toddy
 
Cid Popups - Standard

Cid Popups


Hallo, mich palgt die ganze Zeit so ein Popup mit Cid im Namen. Mal ist es Tui, mal iregndwas anderes. Könnt ihr mit meinem Logfile was anfangen?

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:11:47, on 06.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Windows SteadyState\SCTSvc.exe
C:\WINDOWS\system32\VCFService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programme\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
C:\Programme\VMware\VMware Workstation\vmware-tray.exe
C:\Programme\VMware\VMware Workstation\hqtray.exe
C:\Programme\Windows SteadyState\Bubble.exe
C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programme\Unlocker\UnlockerAssistant.exe
C:\Programme\Lexmark X1100 Series\lxbkbmon.exe
C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\ICQ6\ICQ.exe
C:\Programme\Logitech\SetPoint\SetPoint.exe
C:\Programme\FRITZ!DSL\StCenter.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\PROGRA~1\@stake\LC4\lc4.exe
C:\Programme\FRITZ!DSL\fwebprot.exe
C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\B6ONNLSH\HiJackThis_v2[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [vmware-tray] C:\Programme\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Programme\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [Bubble] "%ProgramFiles%\Windows SteadyState\Bubble.exe"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programme\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVMFBoxMonitor] "C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Logoff] %SCTPath%SCTUINotify.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Verknüpfung mit AutoAdminLogon.bat.lnk = C:\AutoAdminLogon.bat
O4 - Global Startup: Verknüpfung mit windowslicence.bat.lnk = C:\windowslicence.bat
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with GetRight Pro - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Programme\GetRight\GRbrowse.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0B2E0124-F895-4E02-94E4-1952CC5CE9E1} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NetOp Helper ver. 9.00 (2007058) (NetOp Host for NT Service) - Danware Data A/S - C:\Programme\Danware Data\NetOp Remote Control\Gateway\NHOSTSVC.EXE
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Programme\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programme\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programme\Gemeinsame Dateien\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 19176 bytes

Alt 06.08.2007, 20:16   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Cid Popups - Standard

Cid Popups


Hallo.

C:\WINDOWS\system32\VCFService.exe
C:\Programme\Windows SteadyState\Bubble.exe
C:\PROGRAMME\@stake\LC4\lc4.exe
%SCTPath%SCTUINotify.exe

Diese Dateien sagen mir nichts, werte die doch bitte mal online bei Virustotal aus und poste die Ergebnisse inkl. Infos zu Dateigrößen und Prüfsummen. Du kannst den Pfad per Copy and Paste bei Virustotal (nur STRG+V, rechtsklick einfügen geht nicht) eingeben.
__________________

__________________
Antwort

Themen zu Cid Popups
adobe, bho, browser, browseui preloader, cid, cid popup, content.ie5, desktop, dll, download, dsl, einstellungen, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, locker, logfile, pdf, popup, popups, programme, remote control, rundll, s-1-5-18, server, software, system, trend micro, windows, windows xp


« C:\WINDOWS\system32\ntsd | Virusmeldung von AntiVir, sobald ich mich auf myspace einlogge »


Ähnliche Themen: Cid Popups


  1. Windows 7: Werbung und Popups im Firefox, unterstrichene Wörter mit PopUps bei Mouse-Over EXP/JAVA.Rafold.A.Gen
    Log-Analyse und Auswertung - 03.02.2014 (5)
  2. Popups über Popups
    Plagegeister aller Art und deren Bekämpfung - 09.03.2009 (18)
  3. PopUps
    Mülltonne - 24.12.2008 (0)
  4. CID Popups
    Plagegeister aller Art und deren Bekämpfung - 13.12.2008 (15)
  5. Cid Popups
    Log-Analyse und Auswertung - 27.09.2008 (3)
  6. Popups!
    Mülltonne - 02.09.2008 (0)
  7. popups
    Log-Analyse und Auswertung - 11.04.2008 (4)
  8. Cid Popups
    Log-Analyse und Auswertung - 26.03.2008 (4)
  9. PopUps im IE und FF
    Log-Analyse und Auswertung - 02.03.2008 (3)
  10. CiD PopUps...
    Mülltonne - 27.02.2008 (0)
  11. CID Popups
    Mülltonne - 01.01.2008 (1)
  12. CID-Popups
    Log-Analyse und Auswertung - 16.12.2007 (1)
  13. popups
    Log-Analyse und Auswertung - 03.07.2007 (8)
  14. CiD- PopUps
    Log-Analyse und Auswertung - 21.06.2007 (3)
  15. ad.firstsolution popups +andere Popups+ langsamer seitenaufbau
    Log-Analyse und Auswertung - 28.11.2006 (14)
  16. Popups
    Plagegeister aller Art und deren Bekämpfung - 23.03.2006 (10)
  17. Browser spinnt - Öffnet sich automatisch mit Popups und Swf Popups
    Log-Analyse und Auswertung - 03.03.2006 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Cid Popups - Hallo, mich palgt die ganze Zeit so ein Popup mit Cid im Namen. Mal ist es Tui, mal iregndwas anderes. Könnt ihr mit meinem Logfile was anfangen? Logfile of Trend - Cid Popups...
Archiv
Du betrachtest: Cid Popups auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19