Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Popup-Fenster unterbricht mich (https://www.trojaner-board.de/16731-popup-fenster-unterbricht-mich.html)

stinger_x 16.04.2005 20:48
Popup-Fenster unterbricht mich
 
Hallo

Bei mir kommt immer ein IE Popup-Fenster. Wenn ich in einem Programm bin (besser gesagt Spiel) wirft es mich auf den Desktop. Anscheinend ist es so wichtig, dass ich es immer schliessen muss.

Ich habe diverse Programme laufen lassen. Und dieses C:\WINDOWS\system32\OQFMNT40.DLL gibt mir Rätsel auf. Ich kann es nicht löschen. Bei http://virusscan.jotti.org/de/ hab ich gecheckt aber der Kaspersky ist der einzige der etwas weiss: "Kaspersky Anti-Virus
not-a-virus:AdWare.Look2Me.ab gefunden".

Was mit dem Logitech ist weiss ich nicht genau, ist eigentlich egal. Ich habe mal das "Display" für die Tastatur ausgeschaltet.

Danke für die Hilfe!

EDIT: Gerade sind auf dem Desktop 3 Verknüpfungen erschienen:
http://www.zestyfind.com/cgi-bin/sea...keywords=music
http://www.zestyfind.com/cgi-bin/sea...eywords=travel
http://www.zestyfind.com/cgi-bin/sea...eywords=dating
Mittlerweile hat sich dieses "Programm" oder was auch immer sich repariert. Vorher waren die Internetseiten leer und konnte eine Installation stoppen (ActiveX). Jetzt kommen die Inhalte wieder hemmungslos.


EDIT2: Nach 2 Minuten der nächste Link, scheint klever zu sein :pukeface: : http://hop.clickbank.net/?adm0531/swnuker06&pg=7

Der Link eines Popupfenster:
http://www.9ringtone.com/ch/index.php
http://www.loadingwebsite.com/normal/yyy17.html --> anschliessend Werbung, nach 3 mal vor und zurück ist das Fenster leer.
http://www.spotresults.com/cgi-bin/s...ywords=tequila

Logfile of HijackThis v1.99.1
Scan saved at 22:21:45, on 16.04.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Programme\DU Meter\DUMeter.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\SnagIt 7\SnagIt32.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Programme\SnagIt 7\TSCHelp.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTSvcCDA.EXE
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Programme\totalcmd\TOTALCMD.EXE
c:\programme\mcafee.com\shared\mghtml.exe
c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Marcel Sidler\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Programme\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [DU Meter] C:\Programme\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VBundleOuterDL] C:\Programme\VBouncer\BundleOuter.EXE
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Programme\Purgatio Pro\checker.exe /check
O4 - Startup: UD Agent.lnk = C:\Programme\United Devices\UD.EXE
O4 - Startup: Verknüpfung mit taskmgr.lnk = C:\WINDOWS\system32\taskmgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SnagIt 7.lnk = C:\Programme\SnagIt 7\SnagIt32.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: Suchen mit Copernic Agent - C:\Programme\Copernic Agent\Web\SearchExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Starten von Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.tromboegodo.com/ingorda.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...3/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...20/mcgdmgr.cab
O16 - DPF: {EEF29D20-9A47-4657-ADF7-283EC2504001} - http://download.bigwebportal.com/toolbar2/winenc32.cab
O18 - Protocol: bw+0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Programme\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll
O20 - Winlogon Notify: MediaContentIndex - C:\WINDOWS\system32\gpr6l39s1.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

dartus 16.04.2005 21:35
Hallo stinger_x,

downloade Adaware und spybot S&D. Installieren und updaten.

Wechsel in den abgesicherten Modus bei deaktivierter Systemwiederherstellung http://www.systemwiederherstellung-d...indows-xp.html und fixe folgende Einträge /Scan mit HJT, Häckchen vor Einträgen und auf fix checked klicken):

O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.tromboegodo.com/ingorda.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/c...DC_1_0_0_44.cab
O16 - DPF: {EEF29D20-9A47-4657-ADF7-283EC2504001} - http://download.bigwebportal.com/toolbar2/winenc32.cab
O20 - Winlogon Notify: MediaContentIndex - C:\WINDOWS\system32\gpr6l39s1.dll

Lösche manuell (Falls noch nicht eingestellt: Öffne den Explorer-->Extras-->Ordneroptionen-->Ansicht-->Systendateien ausblenden "häckchen weg“ und "Alle Dateien und Ordner Anzeigen" anklicken)
C:\WINDOWS\system32\OQFMNT40.DLL
C:\WINDOWS\system32\gpr6l39s1.dll

Papierkorb leeren

Adaware und spybot nacheinander starten und alle Funde löschen.

dartus

stinger_x 16.04.2005 22:19
Hallo dartus

Ich habe deine Anweisungen befolgt.

Dieser Eintrag lässt sich nicht entfernen, der Name ändert sich immer:
O20 - Winlogon Notify: MediaContentIndex - C:\WINDOWS\system32\****.dll
C:\WINDOWS\system32\gpr6l39s1.dll war im abgesicherten Modus nicht mehr vorhanden.

Und in diesem Moment ist ein Popup gekommen:
http://www.spotresults.com/cgi-bin/s...=nissan+xterra
Zweite Popup-Seite
http://www.loadingwebsite.com/normal/yyy34.html

Stand:
Logfile of HijackThis v1.99.1
Scan saved at 23:20:22, on 16.04.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTSvcCDA.EXE
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Programme\DU Meter\DUMeter.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programme\SnagIt 7\SnagIt32.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\SnagIt 7\TSCHelp.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Marcel Sidler\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Programme\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [DU Meter] C:\Programme\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Programme\Purgatio Pro\checker.exe /check
O4 - Startup: UD Agent.lnk = C:\Programme\United Devices\UD.EXE
O4 - Startup: Verknüpfung mit taskmgr.lnk = C:\WINDOWS\system32\taskmgr.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SnagIt 7.lnk = C:\Programme\SnagIt 7\SnagIt32.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: Suchen mit Copernic Agent - C:\Programme\Copernic Agent\Web\SearchExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Starten von Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...3/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...20/mcgdmgr.cab
O18 - Protocol: bw+0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {39351047-74BE-4600-9518-E673FCE8F16C} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Programme\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\lvl4093qe.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

dartus 17.04.2005 00:09
Hallo stinger_x,

suche im abgesicherten Modus nach einer Datei im "sytem32"-Ordner, die suspekt ist, d.h. die unter Eigenschaften keine Signatur hat. Vermutlich fängt diese Datei mit 3 Buchstaben an, danach folgen 4 Ziffern.

Desweiteren führe bitte dies mal aus:
1. Downloade Dir escan und befolge genau diese Anleitung (Ordner „C:{base“ erstellen, die „mwav.exe“ dorthin entpacken, mit „kavupd.exe“ updaten. Scan IM ABGESICHERTEN MODUS dauert etwa eine Stunde), http://www.systemwiederherstellung-d...indows-xp.html
2. starte nach dem Scan wieder in den normalen Modus dauert,
3. öffne die Datei "mwav.log", klicke auf "bearbeiten" danach auf "suchen"
4. gebe dann "infected" ein,
5. suche weiter bei Treffern und lösche diese.

dartus

stinger_x 17.04.2005 10:11
Ich habe wieder alles durchgekämmt und habe vom eScan im Fenster kopiert und in ein Wordfile eingefügt. Ich habe gelöscht was ich konnte, aber einige suspekte Files mit kryptischen Namen konnte ich nicht löschen, weil sie im abgesicherten Modus gebraucht werden. Es gibt ein Muster im system32-Ordner. Ich kann nach jedem Neustart etwa 2-3 Files löschen. Eines kann ich nicht löschen, aber umbenennen und beim nächsten Neustart löschen. 2-3 Files überdauern die Neustarts, ich kann sie weder löschen noch umbenennen. Bis jetzt hatte ich 4 Abstürze, wobei der PC sofort neu bootet, vielleicht soll ich die DLLs lassen.

Das Problem besteht weiterhin mit den Popups. So langsam denke ich an Neuinstallation von Windows oder Format C.. oder muss ich jetzt in der Registry was ändern?

Hier das Resultat vom eScan, die Daten im Laufwerk F habe ich nicht gelöscht.

File C:\WINDOWS\system32\aSaamon.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\icont.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\_aSaamon.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\MARCEL~1\LOKALE~1\TEMPOR~1\Content.IE5\0H8ZS7GJ\AppWrap[1].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\MARCEL~1\LOKALE~1\TEMPOR~1\Content.IE5\EL5AV2TO\AppWrap[1].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\MARCEL~1\LOKALE~1\TEMPOR~1\Content.IE5\K7PFAEZ1\AppWrap[1].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\MARCEL~1\LOKALE~1\TEMPOR~1\Content.IE5\N68FJDO5\AppWrap[1].exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\MARCEL~1\LOKALE~1\TEMPOR~1\Content.IE5\OXCHAB89\AppWrap[1].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Marcel Sidler\Desktop\aSaamon.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Marcel Sidler\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0H8ZS7GJ\AppWrap[1].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Marcel Sidler\Lokale Einstellungen\Temporary Internet Files\Content.IE5\EL5AV2TO\AppWrap[1].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Marcel Sidler\Lokale Einstellungen\Temporary Internet Files\Content.IE5\K7PFAEZ1\AppWrap[1].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Marcel Sidler\Lokale Einstellungen\Temporary Internet Files\Content.IE5\N68FJDO5\AppWrap[1].exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Marcel Sidler\Lokale Einstellungen\Temporary Internet Files\Content.IE5\OXCHAB89\AppWrap[1].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\icont.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\_aSaamon.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Temp\bw2.com infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
File F:\Daten\_Downloads_\Games & Updates\Go\TurboGo 5.0\SETUP.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File F:\Daten\_Downloads_\Games & Updates\Go\TurboGo 5.0\turbogo5.zip tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File F:\Daten\_Downloads_\Games & Updates\Total Annihilation\AFark.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File F:\Daten\_Downloads_\Games & Updates\Total Annihilation\ascarab.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File F:\Daten\_Downloads_\Games & Updates\Total Annihilation\chedge.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File F:\Daten\_Downloads_\Games & Updates\Total Annihilation\CImlator.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File F:\Daten\_Downloads_\Games & Updates\Total Annihilation\Necro.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File F:\Daten\_Downloads_\Programme\Windows Themes ohne StyleXP _themexp_patch2.rar tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.



Und der jetzige Stand:

Logfile of HijackThis v1.99.1
Scan saved at 11:18:17, on 17.04.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTSvcCDA.EXE
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Programme\DU Meter\DUMeter.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\SnagIt 7\SnagIt32.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Programme\SnagIt 7\TSCHelp.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\devldr32.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Marcel Sidler\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Programme\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [DU Meter] C:\Programme\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [loader32] C:\Dokumente und Einstellungen\Marcel Sidler\Anwendungsdaten\SysDown\sys03020.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [SpySweeper] "C:\Programme\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [WashAndGo - Cleanup of old Backupfiles] C:\Programme\Purgatio Pro\checker.exe /check
O4 - Startup: Verknüpfung mit taskmgr.lnk = C:\WINDOWS\system32\taskmgr.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SnagIt 7.lnk = C:\Programme\SnagIt 7\SnagIt32.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: Suchen mit Copernic Agent - C:\Programme\Copernic Agent\Web\SearchExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Starten von Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...3/mcinsctl.cab
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Programme\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\en04l1dq1.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:44 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131