Lieber SUPER MODERATOR danke erstmal für deine hilfe... alles wie gewollt hab ich gemacht jedoch SCHRITT 5 kapiere ich nicht oder ich kanns nicht.was soll ich da eingeben???????? hier die logfiles von SHREDDER,MALWAREBYT und HIJACK.....
CW SHREDDER meldete: CWS.Svchost32
logfile Shredder:
**** Run Keys ****
RUN: [HP Software Update] D:\Programme\HP\HP Software Update\HPWuSchd2.exe
RUN: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
RUN: [RemoteControl] D:\Programme\CyberLink\PowerDVD\PDVDServ.exe
RUN: [PCMService] "D:\Programme\CyberLink\PowerCinema\PCMService.exe "
RUN: [Arcor Online]
RUN: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
RUN: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
RUN: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
RUN: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe
RUN: [SoundMan] SOUNDMAN.EXE
RUN: [SpywareTerminator] "C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe"
RUN: [iTunesHelper] "D:\Programme\iTunes\iTunesHelper.exe"
RUN: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
RUN: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
RUN: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleT oolbarNotifier.exe"
RUN: [SpywareTerminatorUpdate] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorUpdate. exe"
**** Browser Helper Objects ****
BHO: [AcroIEHlprObj Class] C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [AcroIEHlprObj Class] C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [AcroIEHlprObj Class] C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [Search Helper] C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: [Windows Live Anmelde-Hilfsprogramm] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: [Google Toolbar Helper] C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: [Google Toolbar Notifier BHO] C:\Programme\Google\GoogleToolbarNotifier\5.5.4723 .1820\swg.dll
BHO: [pdfforge Toolbar] C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
BHO: [Java(tm) Plug-In 2 SSV Helper] C:\Programme\Java\jre6\bin\jp2ssv.dll
BHO: [Windows Live Toolbar Helper] C:\Programme\Windows Live\Toolbar\wltcore.dll
BHO: [Windows Live Toolbar Helper] C:\Programme\pdfforge Toolbar\SearchSettings.dll
BHO: [JQSIEStartDetectorImpl Class] C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugi n.dll
**** IE Toolbars ****
TOOLBAR: []
TOOLBAR: [&Windows Live Toolbar] C:\Programme\Windows Live\Toolbar\wltcore.dll
TOOLBAR: [&Windows Live Toolbar] C:\Programme\Windows Live\Toolbar\wltcore.dll
TOOLBAR: [Google Toolbar] C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
TOOLBAR: [pdfforge Toolbar] C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
**** IE Extensions ****
IEExt: [In Blog veröffentlichen]
IEExt: [PartyGammon.com] C:\Programme\PartyGaming\PartyGammon\RunBackGammon .exe
IEExt: [PartyGammon.com] C:\Programme\PartyGaming\PartyGammon\RunBackGammon .exe
IEExt: [PartyPoker.com] C:\Programme\PartyGaming\PartyPoker\RunApp.exe
LOGFILE Malwarebytes
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Datenbank Version: 4154
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
29.05.2010 19:17:55
mbam-log-2010-05-29 (19-17-55).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 127227
Laufzeit: 5 Minute(n), 0 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
LOGFILE HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:11, on 29.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Application Updater\ApplicationUpdater.exe
C:\Programme\Bonjour\mDNSResponder.exe
D:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCap Svc.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programme\Spyware Terminator\sp_rsser.exe
D:\Programme\HP\HP Software Update\HPWuSchd2.exe
D:\Programme\CyberLink\PowerDVD\PDVDServ.exe
D:\Programme\CyberLink\PowerCinema\PCMService.exe
C:\windows\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\windows\SOUNDMAN.EXE
D:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSch ed.exe
C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe
D:\Programme\iTunes\iTunesHelper.exe
C:\windows\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Dokumente und Einstellungen\Besitzer\Desktop\cwshredder.exe
C:\Dokumente und Einstellungen\Besitzer\Desktop\HiJackThis204.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
%s - Crawler.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
Internet Explorer Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch =
Search Assistant
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
Internet Explorer Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
Search Assistant
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=22028
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = local
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100
www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100
www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100
www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100
securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.com
O1 - Hosts: 74.82.216.3 google.com.au
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.be
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.com.br
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.ca
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.ch
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.de
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.dk
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.fr
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.ie
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.co.jp
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.nl
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.no
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.co.nz
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.pl
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.se
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.co.uk
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3 google.co.za
O1 - Hosts: 74.82.216.3
Google
O1 - Hosts: 74.82.216.3
Google Analytics | Official Website
O1 - Hosts: 74.82.216.3
Bing
O1 - Hosts: 74.82.216.3 search.yahoo.com
O1 - Hosts: 74.82.216.3
Yahoo! Search - Web Search
O1 - Hosts: 74.82.216.3 uk.search.yahoo.com
O1 - Hosts: 74.82.216.3 ca.search.yahoo.com
O1 - Hosts: 74.82.216.3 de.search.yahoo.com
O1 - Hosts: 74.82.216.3 fr.search.yahoo.com
O1 - Hosts: 74.82.216.3 au.search.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723 .1820\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugi n.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [HP Software Update] D:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RemoteControl] D:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [PCMService] "D:\Programme\CyberLink\PowerCinema\PCMService.exe "
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunServices: [exq] C:\WINDOWS\system32\exq.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleT oolbarNotifier.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorUpdate. exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6 FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programme\PartyGaming\PartyGammon\RunBackGammon .exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - C:\Programme\PartyGaming\PartyGammon\RunBackGammon .exe (file missing)
O9 - Extra button: (no name) - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) -
http://www.tgrthaber.com.tr/CanliYay...1.11_en_dl.cab
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) -
http://static.pe.studivz.net/photoup...che=1205149615
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary...t.cab56907.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Programme\Application Updater\ApplicationUpdater.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - D:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCap Svc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - D:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSch ed.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Update Service (gupdate1ca0ac6f5c1deea) (gupdate1ca0ac6f5c1deea) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Print Spooler Service (rkyueaaiiu8s) - Unknown owner - C:\WINDOWS\system32\exq.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programme\Spyware Terminator\sp_rsser.exe
--
End of file - 14537 bytes
google nicht auffindba rhijack logfile sende ich mit 
Linear-Darstellung
