My computer is acting up



giorgos
17.04.07, 00:07
Hello
Problem one: When the computer starts, the message Services.exe appears.
Is that a trojan?? How do I get rid of it?
Problem two: When the computer starts, the message logwant.exe error appears.
How do I get rid of it?
Logfile of HijackThis v1.99.1
Scan saved at 23:16:18, on 16.04.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.exe
E:\WINDOWS\services.exe
E:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
E:\WINDOWS\system32\crypserv.exe
E:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
E:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
E:\WINDOWS\SYSTEM32\GEARSEC.EXE
E:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
E:\WINDOWS\system32\oodag.exe
E:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\windllrun.exe
E:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
E:\Programme\Canon\CAL\CALMAIN.exe
E:\Programme\Browser MOUSE\mouse32a.exe
E:\Programme\Muiltmedia keyboard Utility\1.3\KbdAp32A.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Programme\T-Online\T-Online_Software_6\Browser\Browser.exe
E:\Programme\MSN Messenger\msnmsgr.exe
E:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\palstart.exe
E:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE
E:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
E:\Programme\Internet Explorer\iexplore.exe
E:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
E:\Neuer Ordner\Neuer Ordner\tv\DeskTask.exe
E:\Neuer Ordner\Neuer Ordner\tv\DeskTask.exe
C:\tools4\taskmanager16\TaskMan.exe
E:\software\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internetcologne.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.internetcologne.de
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Programme\ICQToolbar\toolbaru.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - E:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
F2 - REG:system.ini: Shell=Explorer.exe E:\WINDOWS\system32\fservice.exe
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - E:\Programme\MySearch\bar\2.bin\S4BAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: metaspinner media GmbH - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - E:\Programme\TVgenial\IEButtonTVGenialEBayInterface.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Metaspinner - {7C7A8947-5935-4430-AC0E-E7D04697414E} - E:\PROGRA~1\PREISP~1\BUYERT~1\IEBUTT~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - E:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: Metaspinner - {CD9B7762-DFBC-42B1-BB30-02A78287B456} - E:\PROGRA~1\PREISP~1\BUYERT~1\IEBUTT~3.DLL
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - E:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Systran40premi.IEPlugIn - {D3919E1A-D6A5-11D6-AC3E-00B0D094B576} - E:\Programme\Systran\4_0\Premium\IEPlugIn.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - E:\Programme\MySearch\bar\2.bin\S4BAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - E:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] E:\Programme\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [FLMK08KB] E:\Programme\Muiltmedia keyboard Utility\1.3\KbdAp32A.exe
O4 - HKLM\..\Run: [rundllwindows] E:\WINDOWS\system32\dllrun32.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] E:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "E:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [InfoCockpit] E:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash
O4 - HKCU\..\Run: [rundllwindows] E:\WINDOWS\system32\dllrun32.exe
O4 - Global Startup: palstart.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://E:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Windows Live Search - res://E:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - res://E:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/229?e95d49fea89a4a0e9786061fe3226338
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - res://E:\Programme\Windows Live Toolbar\Components\de-de\msntabres.dll.mui/230?e95d49fea89a4a0e9786061fe3226338
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://E:\Programme\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programme\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Programme\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - E:\WINDOWS\system32\mscoree.DLL
O9 - Extra 'Tools' menuitem: Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - E:\WINDOWS\system32\mscoree.DLL
O9 - Extra button: Buyertools Reminder - {27914077-B4D6-4A0E-9763-76B6E9DD9A81} - E:\Programme\Preispiraten\Buyertools Reminder\ReminderIE.exe
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - E:\Programme\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Preispiraten 2.1.2 - {86DE8B3B-1EB7-4386-84BD-EBE94348A913} - E:\Programme\Preispiraten\Preispiraten2\preispiraten2ie.exe
O9 - Extra button: Knowledge Base Suche - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O9 - Extra 'Tools' menuitem: Knowledge Base Suche - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - http://support.microsoft.com/default.aspx?scid=FH;EN-US;KBHOWTO (file missing)
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Programme\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.internetcologne.de
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://www.uploadzeus.altervista.org/plugin.exe
O16 - DPF: {0D62A517-E7C6-4E1F-A577-07D4AC549A48} (Progetto1.int_ver32) - http://advnt01.com/dialer/int_ver32b.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.gutchat.de/control/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: E:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - E:\WINDOWS\
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - E:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - E:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - E:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - E:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - E:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - E:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - E:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: GEARSecurity - GEAR Software - E:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - E:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: T-Online WLAN Adapter Steuerungsdienst (MZCCntrl) - Deutsche Telekom AG, Marmiko IT-Solutions GmbH - E:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe
O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - E:\WINDOWS\svcproc.exe (file missing)
O23 - Service: windllrun - Unknown owner - E:\WINDOWS\system32\windllrun.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - E:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: ZESOFT - Unknown owner - E:\WINDOWS\zeta.exe (file missing)

Duke
17.04.07, 00:25
You can do that yourself here (http://www.hijackthis.de/de#anl).


These are the only ones you should remove immediately.



Extremely harmful
Should be fixed! This entry is probably harmful.

O16 - DPF: {0D62A517-E7C6-4E1F-A577-07D4AC549A48} (Progetto1.int_ver32) - http://advnt01.com/dialer/int_ver32b.CAB

O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
Fuzzy algorithm check (1.33 / 5.00), harmful

O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - E:\Programme\MySearch\bar\2.bin\S4BAR.DLL
Definitely fix! eXacttoolbar.dll, S4bar.dll - ExactSearch or MySearch, http://www.doxdesk.com/parasite/eXactSearch.html http://doxdesk.com/parasite/MySearch.html

O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - E:\Programme\MySearch\bar\2.bin\S4BAR.DLL
Definitely fix! S4bar.dll, Mybar.dll - MySearch, http://doxdesk.com/parasite/MySearch.html

O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://www.uploadzeus.altervista.org/plugin.exe
Should be fixed! This entry is probably harmful.

O23 - Service: System Startup Service (SvcProc) - Unknown owner - E:\WINDOWS\svcproc.exe (file missing)
This service (svcproc.exe) appears to be harmful.

Sorry, I am always completely amazed at how many unnecessary entries a PC needs in order to run.
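
A small triage pass over a HijackThis log of the kind analysed above, added here as an example; it is not part of the original thread and is not code from HijackThis or hijackthis.de. The three rules (a core Windows process name running outside system32, an O16 download source that is a bare .exe, an O23 service with unknown owner and a missing file) are illustrative assumptions that mark entries for manual review, and the sample lines are copied from the log posted in this thread.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: lines copied from the log posted in this thread.
SAMPLE_LOG = r"""Running processes:
E:\WINDOWS\system32\services.exe
E:\WINDOWS\services.exe
E:\WINDOWS\system32\svchost.exe

O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://www.uploadzeus.altervista.org/plugin.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O23 - Service: System Startup Service (SvcProc) - Unknown owner - E:\WINDOWS\svcproc.exe (file missing)
O23 - Service: GEARSecurity - GEAR Software - E:\WINDOWS\SYSTEM32\GEARSEC.EXE
"""

# Assumption: names of core Windows processes that normally run from system32.
CORE = {"smss.exe", "csrss.exe", "winlogon.exe", "services.exe", "lsass.exe", "svchost.exe"}
ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")  # e.g. "O23 - Service: ..."

def triage(log):
    """Return (section, reason, line) tuples for entries worth a manual look."""
    findings, in_procs = [], False
    for raw in log.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if not line:  # a blank line ends the process list
            in_procs = False
            continue
        m = ENTRY.match(line)
        if in_procs and not m:
            p = PureWindowsPath(line)
            if p.name.lower() in CORE and p.parent.name.lower() != "system32":
                findings.append(("PROC", "core process name outside system32", line))
        elif m:
            code, low = m.group(1), m.group(2).lower()
            if code == "O16" and low.rsplit(" - ", 1)[-1].endswith(".exe"):
                findings.append((code, "ActiveX download source is a bare .exe", line))
            if code == "O23" and "unknown owner" in low and low.endswith("(file missing)"):
                findings.append((code, "service without vendor, binary missing", line))
    return findings

if __name__ == "__main__":
    for section, reason, line in triage(SAMPLE_LOG):
        print(f"[{section}] {reason}: {line}")
```

A hit means "look at this entry", not "this is malware"; confirm each one against the file on disk before fixing it in HijackThis.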