Hi,
jetzt gibt es auch noch ein hijackthis.de-File als Anhang...
Gruß,
Mona.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:45:16, on 11.06.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\ROUTER~1\ROUTERCONTROL.EXE
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
C:\Programme\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe
C:\Programme\FlashGet\FlashGet.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
C:\Programme\Tobit ClipInc\Player\ClipIncTray.exe
C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Telekom\Eumex 504PC USB\Capictrl.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
C:\Programme\FRITZ!DSL\StCenter.exe
C:\Programme\GetRight\GetRight.exe
C:\Programme\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Programme\Canon\CAL\CALMAIN.exe
C:\Programme\Outlook Express\msimn.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
D:\Windows Commander\WindowsCommander\WINCMD32.EXE
D:\Windows Commander\WindowsCommander\WINCMD32.EXE
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3\sandra.exe
C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3\RpcAgentSrv.exe
C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3\WNt500x86\RpcSandraSrv.exe
C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN.com
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader - {} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Web-Recherche Browser Helper Object - {} - C:\Programme\Web-Recherche\WRShell.dll
O2 - BHO: flashget urlcatch - {} - C:\Programme\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {} - C:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: FlashGet GetFlash Class - {} - C:\Programme\FlashGet\getflash.dll
O2 - BHO: SingleInstance Class - {} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Windows Live Toolbar - {} - C:\Programme\Windows Live Toolbar\msntb.dll
O3 - Toolbar: FlashGet - {} - C:\Programme\FlashGet\fgiebar.dll
O3 - Toolbar: Web-Recherche-Symbolleiste - {} - C:\Programme\Web-Recherche\WRShell.dll
O3 - Toolbar: Web-Recherche-Bearbeitungsleiste - {} - C:\Programme\Web-Recherche\WRShell.dll
O3 - Toolbar: Übersetzer - {} - C:\Programme\PRMT78\PRMTIE\prmtie.dll
O3 - Toolbar: &Google Toolbar - {} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: ICQToolBar - {} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Yahoo! Toolbar - {} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Programme\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [CHotKey] mHotkey.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RouterControl] C:\PROGRA~1\ROUTER~1\ROUTERCONTROL.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ScanSoft PDF Create! 4-reminder] "C:\Programme\ScanSoft\PDF Create! 4\Ereg\ereg.exe" -r "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft\PDF Create\4\Ereg\ereg.ini"
O4 - HKLM\..\Run: [TVBroadcast] C:\Programme\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe
O4 - HKLM\..\Run: [routcnf] C:\Programme\Telekom\Eumex 504PC USB\routcnf.exe
O4 - HKLM\..\Run: [FlashGet] C:\Programme\FlashGet\FlashGet.exe /min
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HotKey] C:\WINDOWS\Twain_32\FlatBed\HotKey.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ClipIncSrvTray] "C:\Programme\Tobit ClipInc\Player\ClipIncTray.exe"
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: Erinnerungen in Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: FRITZ!DSL Startcenter.lnk = ?
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Programme\GetRight\GetRight.exe
O4 - Global Startup: Ulead Kalendar Checker 4.0 SE.lnk = C:\Programme\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm
O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Web-Recherche: Bild speichern - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#101
O8 - Extra context menu item: Web-Recherche: Bild speichern unter... - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#108
O8 - Extra context menu item: Web-Recherche: Link-Adresse speichern unter... - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#110
O8 - Extra context menu item: Web-Recherche: Markierte Ziele speichern unter... - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#111
O8 - Extra context menu item: Web-Recherche: Markierung speichern - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#104
O8 - Extra context menu item: Web-Recherche: Markierung speichern unter... - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#109
O8 - Extra context menu item: Web-Recherche: Seitenbereich (Frame) speichern - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#102
O8 - Extra context menu item: Web-Recherche: Seitenbereich (Frame) speichern unter... - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#106
O8 - Extra context menu item: Web-Recherche: Ziel speichern - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#103
O8 - Extra context menu item: Web-Recherche: Ziel speichern unter... - res://C:\PROGRA~1\WEB-RE~1\wrshell.dll/#107
O9 - Extra button: (no name) - {} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {} - C:\Programme\PRMT78\PRMTIE\prmtie5.htm
O9 - Extra 'Tools' menuitem: Übersetzen - {} - C:\Programme\PRMT78\PRMTIE\prmtie5.htm
O9 - Extra button: (no name) - {} - C:\Programme\PRMT78\PRMTIE\options.htm
O9 - Extra 'Tools' menuitem: Übersetzungsoptionen anpassen - {} - C:\Programme\PRMT78\PRMTIE\options.htm
O9 - Extra button: FlashGet - {} - C:\Programme\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {} - C:\Programme\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: cs - {} - C:\Programme\Web-Recherche\WRProtocol.dll
O18 - Protocol: wr - {} - C:\Programme\Web-Recherche\WRProtocol.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3\RpcAgentSrv.exe
O23 - Service: Sceneo PVR Service (srvcPVR) - Buhl Data Service GmbH - C:\Programme\Sceneo\AbsolutTV\Services\PVR\PVRService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 14663 bytes