Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:35, on 9.9.2010
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\avast Antivir\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
E:\PORAMME 1\Speed Mang\SpeedMgr.exe
C:\Programme\SweetIM\Messenger\SweetIM.exe
E:\AVASTA~1\avastUI.exe
C:\Programme\IncrediMail\bin\IncMail.exe
E:\PORAMME 1\Mauszeiger\Stardock\CursorFX\CursorFX.exe
C:\Programme\IncrediMail\bin\IMApp.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
E:\Bluetoch\bin\btwdins.exe
C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
E:\Tom Tom Navi\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Programme\Google\Update\GoogleUpdate.exe
E:\PORAMME 1\Speed Mang\tsmsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
E:\Update\BitComet\BitComet.exe
E:\Pogramme 2\ICQLite\ICQ7.2\ICQ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
E:\PORAMME 1\vlc-0.4.6\vlc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\msiexec.exe
E:\PORAMME 1\HitjackThis 2,0,4\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.1und1.de/?ucuoId=STAC%3Alead.EUE.DE-20100907121101-ac170c568fJO5OeeuvlocEiI1kCRmsXk-12&__rd=ac170c235nG4YMtmMr75eS3RSmejmB9T&origin[site]=ST.EUE.DE&origin[page]=index
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13153&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.indexscope.com/iesearch.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13153&gct=&gc=1&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.indexscope.com/iesearch.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13153&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer bereitgestellt von 1&1 Internet AG
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.AOL.com
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Suche Deutschland Toolbar - {937f343c-c9c2-4235-b544-7fc4da2f2594} - C:\Programme\Suche_Deutschland\tbSuc0.dll
R3 - URLSearchHook: (no name) - {48405d3d-2674-4cd8-b1ef-9a719443bd3f} - (no file)
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Programme\AskSearch\bin\DefaultSearch.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {48405d3d-2674-4cd8-b1ef-9a719443bd3f} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PORAMM~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {663656DF-6BAE-460C-A612-8133DF519346} - C:\WINDOWS\SYSTEM32\iiffcdcb.dll
O2 - BHO: Suche Deutschland Toolbar - {937f343c-c9c2-4235-b544-7fc4da2f2594} - C:\Programme\Suche_Deutschland\tbSuc0.dll
O2 - BHO: (no name) - {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\MSDXM.OCX
O3 - Toolbar: &Browser Radio - {55E52620-3354-4C57-A179-62D5500A01E4} - radiojockey_org.dll (file missing)
O3 - Toolbar: Suche Deutschland Toolbar - {937f343c-c9c2-4235-b544-7fc4da2f2594} - C:\Programme\Suche_Deutschland\tbSuc0.dll
O3 - Toolbar: (no name) - {48405d3d-2674-4cd8-b1ef-9a719443bd3f} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "E:\PORAMME 1\Speed Mang\SpeedMgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast5] E:\AVASTA~1\avastUI.exe /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "E:\Anti Malware\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\WINDOWS\System32\rundll32.exe" "C:\Programme\NOS\bin\getPlus_Helper_3004.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Anti Malware\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [IncrediMail] C:\Programme\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [CursorFX] "E:\PORAMME 1\Mauszeiger\Stardock\CursorFX\CursorFX.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-1547161642-299502267-682003330-500\..\Run: [NBJ] "C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe" (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://E:\Update\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://E:\Update\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://E:\Update\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\Update\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\Pogramme 2\ICQLite\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\Pogramme 2\ICQLite\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Bluetoch\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Bluetoch\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PORAMM~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PORAMM~1\SPYBOT~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Pogramme 2\ICQLite\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Pogramme 2\ICQLite\ICQ6.5\ICQ.exe
O20 - Winlogon Notify: iiffcdcb - iiffcdcb.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - E:\avast Antivir\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - E:\avast Antivir\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - E:\avast Antivir\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Bluetoch\bin\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\\Programme\\Gemeinsame Dateien\\AVM\\de_serv.exe (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: DSL-Manager (TDslMgrService) - Unknown owner - E:\\PORAMME 1\\DSL-Manager\\DslMgrSvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - E:\Tom Tom Navi\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - E:\PORAMME 1\Speed Mang\tsmsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Tune Up Program\WinStylerThemeSvc.exe
O24 - Desktop Component 0: (no name) - http://p.ebaystatic.com/aw/pics/de/logos/logoEbay_x45.gif
--
End of file - 12441 bytes
Tut mir leid das es nicht auf die neuste version ist da der rechner 5 Jahre lang im Keller gestanden hat
MfG
zasu
