Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:32:55, on 08.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Programme\cfos\cFosDNT.exe
D:\Programme\ESET\ESET NOD32 Antivirus\egui.exe
D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
D:\Programme\PeerGuardian2\pg2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
D:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
D:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
d:\Programme\Jana2\Janad.exe
C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\Programme\KomfortWecker\KomfortWecker.exe
C:\Programme\Java\jre6\bin\jqs.exe
D:\Programme\NERO\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
d:\Programme\WEB.DE\WEB.DE SmartSurfer\SmurfService.exe
C:\WINDOWS\System32\svchost.exe
D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\Programme\Java\jre6\bin\javaw.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
d:\Programme\tvgenial\TVgenial.exe
d:\Programme\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 91.188.168.89:3128
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - d:\Programme\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - d:\Programme\FlashFXP\IEFlash.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ulutil2.dll,SetWriteBack
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [cFosDNT] D:\Programme\cfos\cFosDNT.exe
O4 - HKLM\..\Run: [QuickTime Task] D:\Programme\QuickTime\qttask.exe -atboottime
O4 - HKLM\..\Run: [egui] D:\Programme\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] D:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [PeerGuardian] d:\Programme\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] D:\Programme\Microsoft ActiveSync\wcescomm.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Programme\Windows Live\Messenger\msnmsgr.exe /background
O4 - HKCU\..\Run: [TVgenial] d:\Programme\tvgenial\TVgenial.exe -d
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User->LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User->NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User->SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User->Default user')
O4 - Startup: Komfort-Wecker.lnk = D:\Programme\KomfortWecker\KomfortWecker.exe
O4 - Startup: Verknüpfung mit cleartmp.lnk = E:\Software\Temp-Terminator\cleartmp.bat
O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download with GetRight Pro - D:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: In Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Mit GetRight downloaden - D:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Mit Getright-Browser öffnen - D:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Pro Browser - D:\Programme\GetRight\GRbrowse.htm
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://d:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra->Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra->Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - d:\Programme\KeyScrambler\KeyScramblerIE.dll
O9 - Extra->Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - d:\Programme\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra->Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra->Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - {E59EB121-F339-4851-A3BA-FE49C35617C2} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra->Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) -
http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1213471125640
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) -
http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) -
http://cainternetsecurity.net/scanner/cascanner.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5654/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{055D2D3F-57D4-4719-803B-53AFAD8F5134}: NameServer = 85.214.73.63,77.220.232.44
O17 - HKLM\System\CS1\Services\Tcpip\..\{055D2D3F-57D4-4719-803B-53AFAD8F5134}: NameServer = 85.214.73.63,77.220.232.44
O17 - HKLM\System\CS2\Services\Tcpip\..\{055D2D3F-57D4-4719-803B-53AFAD8F5134}: NameServer = 85.214.73.63,77.220.232.44
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Jana Server 2 (Janad) - Thomas Hauck, Privat - d:\Programme\Jana2\Janad.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Programme\NERO\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartSurfer Manager (SmartSurferManager) - United Internet AG - d:\Programme\WEB.DE\WEB.DE SmartSurfer\SmurfService.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Windows Media Player-Netzwerkfreigabedienst (WMPNetworkSvc) - Unknown owner - C:\Programme\Windows Media Player\WMPNetwk.exe (file missing)
--
End of file - 13130 bytes