Antispyscan

Dieses Thema im Forum "Viren, Würmer, Spyware" wurde erstellt von zocker, 31.08.2008.

  1. zocker

    zocker Erfahrener Benutzer

    Dabei seit:
    05.08.2008
    Beiträge:
    102
    Zustimmungen:
    0
    Hallo Leute,
    ich hab ein großes Problem bei mir wir immer angezeigt, ich einen Virus auf meine Pc habe und mir was runterladen muss. Ich weiß, dass das nur ein Fake ist. Wie bekomm ich das wieeder weg??
    Hier das von Hijack THis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:52:00, on 31.08.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Programme\avmwlanstick\WlanNetService.exe
    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Programme\Hamachi\hamachi.exe
    C:\My Programms\Nero 8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programme\Applications\iebtm.exe
    C:\Programme\ASUS\ASUS DH Remote\AsRc.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Programme\ASUS\ASUS DH Remote\AsDhRemote.exe
    C:\Programme\Applications\wcm.exe
    C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
    C:\Programme\Applications\iebtmm.exe
    C:\Programme\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Programme\avmwlanstick\wlangui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programme\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\My Programms\Lavalys\EVEREST Ultimate Edition\everest.exe
    C:\Programme\Windows Live\Messenger\MsnMsgr.Exe
    C:\Programme\Wisterer HX\WistererHX.exe
    C:\Programme\iPod\bin\iPodService.exe
    C:\Programme\ICQ6\ICQ.exe
    C:\Programme\EXPERTool\TBPanel.exe
    C:\WINDOWS\system32\ubpr01.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programme\Windows Live\Messenger\usnsvc.exe
    C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Programme\Internet Explorer\IEXPLORE.EXE
    C:\Programme\Applications\wcs.exe
    C:\Dokumente und Einstellungen\Zocker\Desktop\HiJackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
    R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\My Programms\IE7Pro\IE7Pro.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0BD44AB1-76A7-4E05-92F4-4B065FE72BD6} - C:\Programme\Applications\iebt.dll
    O2 - BHO: 393340 helper - {4CE93951-2A8F-4EE0-A4B1-C3F342536A5D} - C:\WINDOWS\system32\393340\393340.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\My Programms\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
    O2 - BHO: ThreatWarningBHO Class - {E1FAB6BD-4A34-47ce-82AF-50B16A6BE77E} - C:\Programme\aspch\ThreatWarning.dll (file missing)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Internet Service - {3BEBF2FE-7248-40E2-9752-8163EB6C4038} - C:\Programme\Applications\iebr.dll
    O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Programme\ASUS\ASUS DH Remote\AsRc.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\My Programms\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Programme\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [EVEREST AutoStart] C:\My Programms\Lavalys\EVEREST Ultimate Edition\everest.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WistererHX] "C:\Programme\Wisterer HX\WistererHX.exe"
    O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent
    O4 - HKCU\..\Run: [GAINWARD] C:\Programme\EXPERTool\TBPanel.exe /A
    O4 - HKCU\..\Run: [wblogon] C:\WINDOWS\system32\ubpr01.exe
    O4 - HKCU\..\Run: [aspch] "C:\Programme\aspch\ASpCh.exe"
    O4 - HKLM\..\Policies\Explorer\Run: [smile] C:\Programme\Applications\wcs.exe
    O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Programme\Applications\iebtm.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\MYPROG~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\My Programms\IE7Pro\IE7Pro.dll
    O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\My Programms\IE7Pro\IE7Pro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\MYPROG~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\MYPROG~1\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iexplorerfiles.com/redirect.php (file missing)
    O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iexplorerfiles.com/redirect.php (file missing)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MYPROG~1\Office12\REFIEBAR.DLL
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'c:\programme\bonjour\mdnsnsp.dll' missing
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1201819505328
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\My Programms\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O22 - SharedTaskScheduler: babblement - {d3b82107-f8fa-4ef3-8066-136e22872d4e} - C:\WINDOWS\system32\sjrggq.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
    O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Programme\avmwlanstick\WlanNetService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Bonjour-Dienst (Bonjour Service) - Unknown owner - C:\Programme\Bonjour\mDNSResponder.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Hamachi Service (HamachiService) - LogMeIn Inc. - C:\Programme\Hamachi\hamachi.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\My Programms\Nero 8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 13257 bytes
     
  2. AdMan

    schau mal hier: Windows-Wartungs-Tool. Viele Probleme lassen sich damit einfach beheben. Oftmals ist der PC dann auch schneller!
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren.
  3. #2 Leonixx, 31.08.2008
    Leonixx

    Leonixx
    Moderator

    Dabei seit:
    17.10.2007
    Beiträge:
    18.903
    Zustimmungen:
    0
    Ort:
    NIX DO
  4. zocker

    zocker Erfahrener Benutzer

    Dabei seit:
    05.08.2008
    Beiträge:
    102
    Zustimmungen:
    0
    hey,
    also ich hab das programm was hier von modernboard angeboten wird genommen jetzt geht wieder alles.

    hier das neue File

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:32:04, on 31.08.2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Programme\avmwlanstick\WlanNetService.exe
    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Programme\Hamachi\hamachi.exe
    C:\My Programms\Nero 8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programme\ASUS\ASUS DH Remote\AsRc.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
    C:\My Programms\qttask.exe
    C:\Programme\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Programme\avmwlanstick\wlangui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programme\ASUS\ASUS DH Remote\AsDhRemote.exe
    C:\Programme\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\My Programms\Lavalys\EVEREST Ultimate Edition\everest.exe
    C:\Programme\Windows Live\Messenger\MsnMsgr.Exe
    C:\Programme\Wisterer HX\WistererHX.exe
    C:\Programme\ICQ6\ICQ.exe
    C:\Programme\EXPERTool\TBPanel.exe
    C:\Programme\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programme\Windows Live\Messenger\usnsvc.exe
    C:\My Programms\opera.exe
    C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
    C:\Programme\Spybot - Search & Destroy\SpybotSD.exe
    C:\Programme\Windows Media Player\wmplayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Dokumente und Einstellungen\Zocker\Desktop\Programme\ICQ\ICQAwayReader13.exe
    C:\DOKUME~1\Zocker\LOKALE~1\Temp\tmpTLapp\ICQAwayReader.exe
    C:\Dokumente und Einstellungen\Zocker\Desktop\Programme\HiJackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
    R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yodl.de/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\My Programms\IE7Pro\IE7Pro.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0BD44AB1-76A7-4E05-92F4-4B065FE72BD6} - C:\Programme\Applications\iebt.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\My Programms\Office12\GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
    O2 - BHO: ThreatWarningBHO Class - {E1FAB6BD-4A34-47ce-82AF-50B16A6BE77E} - C:\Programme\aspch\ThreatWarning.dll (file missing)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: Internet Service - {3BEBF2FE-7248-40E2-9752-8163EB6C4038} - C:\Programme\Applications\iebr.dll (file missing)
    O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Programme\ASUS\ASUS DH Remote\AsRc.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\My Programms\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe
    O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter3.exe
    O4 - HKLM\..\RunOnce: [SpybotDeletingA5038] command /c del "C:\Dokumente und Einstellungen\Zocker\Startmenü\AntiSpyCheck 2.1.lnk"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC106] cmd /c del "C:\Dokumente und Einstellungen\Zocker\Startmenü\AntiSpyCheck 2.1.lnk"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA99] command /c del "C:\Dokumente und Einstellungen\Zocker\Favoriten\Antivirus Scan.url"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2878] cmd /c del "C:\Dokumente und Einstellungen\Zocker\Favoriten\Antivirus Scan.url"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3728] command /c del "C:\WINDOWS\system32\sjrggq.dll_old"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC6918] cmd /c del "C:\WINDOWS\system32\sjrggq.dll_old"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA5756] command /c del "C:\Programme\Applications\wcm.exe_old"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2700] cmd /c del "C:\Programme\Applications\wcm.exe_old"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4878] command /c del "C:\Programme\Applications\iebr.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC7947] cmd /c del "C:\Programme\Applications\iebr.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA2741] command /c del "C:\Programme\Applications\iebt.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC4806] cmd /c del "C:\Programme\Applications\iebt.dll"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA651] command /c del "C:\Programme\Applications\iebtmm.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC93] cmd /c del "C:\Programme\Applications\iebtmm.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA1561] command /c del "C:\Programme\Applications\iebtu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC4993] cmd /c del "C:\Programme\Applications\iebtu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA6715] command /c del "C:\Programme\Applications\wcu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2516] cmd /c del "C:\Programme\Applications\wcu.exe"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3239] command /c del "C:\Programme\Applications\myd.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC9866] cmd /c del "C:\Programme\Applications\myd.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA4912] command /c del "C:\Programme\Applications\mym.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC21] cmd /c del "C:\Programme\Applications\mym.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA8806] command /c del "C:\Programme\Applications\myp.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC8605] cmd /c del "C:\Programme\Applications\myp.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA988] command /c del "C:\Programme\Applications\myv.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2602] cmd /c del "C:\Programme\Applications\myv.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA3330] command /c del "C:\Programme\Applications\ot.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC3538] cmd /c del "C:\Programme\Applications\ot.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA8171] command /c del "C:\Programme\Applications\ts.ico"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC1480] cmd /c del "C:\Programme\Applications\ts.ico"
    O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Programme\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Programme\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [EVEREST AutoStart] C:\My Programms\Lavalys\EVEREST Ultimate Edition\everest.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WistererHX] "C:\Programme\Wisterer HX\WistererHX.exe"
    O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent
    O4 - HKCU\..\Run: [GAINWARD] C:\Programme\EXPERTool\TBPanel.exe /A
    O4 - HKCU\..\Run: [wblogon] C:\WINDOWS\system32\ubpr01.exe
    O4 - HKCU\..\Run: [aspch] "C:\Programme\aspch\ASpCh.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6872] command /c del "C:\Dokumente und Einstellungen\Zocker\Startmenü\AntiSpyCheck 2.1.lnk"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7375] cmd /c del "C:\Dokumente und Einstellungen\Zocker\Startmenü\AntiSpyCheck 2.1.lnk"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB6990] command /c del "C:\Dokumente und Einstellungen\Zocker\Favoriten\Antivirus Scan.url"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD5172] cmd /c del "C:\Dokumente und Einstellungen\Zocker\Favoriten\Antivirus Scan.url"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7599] command /c del "C:\WINDOWS\system32\sjrggq.dll_old"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD3826] cmd /c del "C:\WINDOWS\system32\sjrggq.dll_old"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB631] command /c del "C:\Programme\Applications\wcm.exe_old"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD1614] cmd /c del "C:\Programme\Applications\wcm.exe_old"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5128] command /c del "C:\Programme\Applications\iebr.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD3270] cmd /c del "C:\Programme\Applications\iebr.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB9794] command /c del "C:\Programme\Applications\iebt.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD6571] cmd /c del "C:\Programme\Applications\iebt.dll"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB2279] command /c del "C:\Programme\Applications\iebtmm.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD8239] cmd /c del "C:\Programme\Applications\iebtmm.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7482] command /c del "C:\Programme\Applications\iebtu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD7792] cmd /c del "C:\Programme\Applications\iebtu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB4319] command /c del "C:\Programme\Applications\wcu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD2138] cmd /c del "C:\Programme\Applications\wcu.exe"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB2961] command /c del "C:\Programme\Applications\myd.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD4749] cmd /c del "C:\Programme\Applications\myd.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7622] command /c del "C:\Programme\Applications\mym.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD1653] cmd /c del "C:\Programme\Applications\mym.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7072] command /c del "C:\Programme\Applications\myp.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD825] cmd /c del "C:\Programme\Applications\myp.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB2312] command /c del "C:\Programme\Applications\myv.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD502] cmd /c del "C:\Programme\Applications\myv.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB1752] command /c del "C:\Programme\Applications\ot.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD1875] cmd /c del "C:\Programme\Applications\ot.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingB7187] command /c del "C:\Programme\Applications\ts.ico"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD8402] cmd /c del "C:\Programme\Applications\ts.ico"
    O4 - HKLM\..\Policies\Explorer\Run: [smile] C:\Programme\Applications\wcs.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\MYPROG~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\My Programms\IE7Pro\IE7Pro.dll
    O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\My Programms\IE7Pro\IE7Pro.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
    O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\MYPROG~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\MYPROG~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MYPROG~1\Office12\REFIEBAR.DLL
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'c:\programme\bonjour\mdnsnsp.dll' missing
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1201819505328
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\My Programms\Office12\GrooveSystemServices.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
    O22 - SharedTaskScheduler: babblement - {d3b82107-f8fa-4ef3-8066-136e22872d4e} - C:\WINDOWS\system32\sjrggq.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
    O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Programme\avmwlanstick\WlanNetService.exe
    O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
    O23 - Service: Bonjour-Dienst (Bonjour Service) - Unknown owner - C:\Programme\Bonjour\mDNSResponder.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Hamachi Service (HamachiService) - LogMeIn Inc. - C:\Programme\Hamachi\hamachi.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
    O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\My Programms\Nero 8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    --
    End of file - 19706 bytes
     
  5. #4 Leonixx, 31.08.2008
    Leonixx

    Leonixx
    Moderator

    Dabei seit:
    17.10.2007
    Beiträge:
    18.903
    Zustimmungen:
    0
    Ort:
    NIX DO
    Meinst du? ;) Zlob tobt sich weiter munter auf deinem System aus! ;)

    Welches Wunderprogramm hast du den benutzt?

    Wenn du Zlob loswerden willst, dann solltest du meine Empfehlungen ausführen. Ist aber deine Entscheidung und dein weiter verseuchtes System. ;)

    Gruss Leonixx
     
  6. zocker

    zocker Erfahrener Benutzer

    Dabei seit:
    05.08.2008
    Beiträge:
    102
    Zustimmungen:
    0
    ja ok ich mach aber wenn ich Smitfraudfix instaliere kommt da nurn en schwazes Fenster sieht auf wie cmd.exe und ich kann da keine 1 eingeben was mach ich falsch??
     
  7. #6 Leonixx, 01.09.2008
    Leonixx

    Leonixx
    Moderator

    Dabei seit:
    17.10.2007
    Beiträge:
    18.903
    Zustimmungen:
    0
    Ort:
    NIX DO
  8. zocker

    zocker Erfahrener Benutzer

    Dabei seit:
    05.08.2008
    Beiträge:
    102
    Zustimmungen:
    0
    ok geht jetzt. mit report posten meinst du damit wieder ein neues Hijack THis file hier reinkopieren??
     
  9. #8 Leonixx, 01.09.2008
    Leonixx

    Leonixx
    Moderator

    Dabei seit:
    17.10.2007
    Beiträge:
    18.903
    Zustimmungen:
    0
    Ort:
    NIX DO
    Ich meine den Bericht von Smitfraudfix, Malewarebytes, Counterspy, danach erst ein neues HJT Logfile.
     
  10. AdMan

    Es ist generell erstmal empfehlenswert alle ggf. veralteten oder fehlerhaften Treiber zu scannen und auf neue zu aktualisieren. Hier kannst du einen Treiber-Scanner downloaden. Das erspart oftmals viel Ärger und hilft gegen diverse Probleme.
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren.
  11. zocker

    zocker Erfahrener Benutzer

    Dabei seit:
    05.08.2008
    Beiträge:
    102
    Zustimmungen:
    0
    bericht????da kam nie einer

    oder meinst du den rapport text??
     
  12. zocker

    zocker Erfahrener Benutzer

    Dabei seit:
    05.08.2008
    Beiträge:
    102
    Zustimmungen:
    0
    also wenn du die rapport datei meinst da steht das drin

    SmitFraudFix v2.343

    Scan done at 12:03:51,28, 01.09.2008
    Run from C:\Dokumente und Einstellungen\Zocker\Desktop\SmitfraudFix
    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» hosts


    127.0.0.1 localhost

    »»»»»»»»»»»»»»»»»»»»»»»» VACFix

    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

    S!Ri's WS2Fix: LSP not Found.


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


    »»»»»»»»»»»»»»»»»»»»»»»» IEDFix

    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri





    ich bin die nächsten 4 tage nicht da mache die anderen beiden am donnerstag

    danke aber schon mal in vorraus
     
Thema: Antispyscan
Besucher kamen mit folgenden Suchen
  1. antispyscan

    ,
  2. kloehk .dll kaspersky

    ,
  3. wistererhx nicht vertrauenswürdig

    ,
  4. spybotdeletingd3270