High
hab mir HighJackThis runter geladen und gestartet.
Kann sich das mal jemand anschauen?
Hier die Log Datei:
Logfile of HijackThis v1.98.0
Scan saved at 08:15:52, on 02.07.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
G:\Internet\Firewall\Smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
G:\Karlsruher\WebKis\Tomcat\bin\tomcat.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Uniserv\Internet\java\bin\gateway.exe
C:\Programme\Uniserv\post\bin\gcssock.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\System32\drivers\IMountSRV.exe
C:\Programme\Uniserv\cliserv\bin\liserv.exe
C:\Programme\OO Software\CleverCache\OOCCSVC.exe
C:\Programme\Uniserv\post\bin\postsock.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
C:\Programme\AVPersonal\AVGNT.EXE
G:\INTERNET\0190WA~1\WARN0190.EXE
C:\Programme\Microsoft Hardware\Mouse\point32.exe
G:\Internet\Babylon\Babylon.exe
G:\Helfer\freemex.exe
G:\INTERNET\0190WA~1\w0svc.exe
G:\Helfer\Idoswin Free\Idoswin32.exe
H:\Helfer\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://f10/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=F10:9202;http=F10:9202;https=F10:9202;socks=F10:9203
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
F0 - system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - g:\Text\Acrobat\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - G:\INTERNET\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: (no name) - {BBE59AF5-EE22-4A3A-AB26-3F774D1B4216} - G:\Helfer\FolderBox\FolderBox.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - G:\INTERNET\FLASHGET\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [SmcService] G:\Internet\Firewall\smc.exe -startgui
O4 - HKLM\..\Run: [CloneCDElbyCDFL] G:\BrennSoftware\CloneCD\ElbyCheck.exe /L ElbyCDFL
O4 - HKLM\..\Run: [0190 Warner] G:\INTERNET\0190WA~1\WARN0190.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Programme\StartupStar\inactive.exe G:\Helfer\StartupManager\inactive.exe G:\player\Quicktime\qttask.exe -atboottime
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [mspd] C:\Programme\StartupStar\inactive.exe C:\WINDOWS\System32\mspd.exe
O4 - HKLM\..\Run: [CHotkey] C:\Programme\StartupStar\inactive.exe mHotkey.exe
O4 - HKCU\..\Run: [Babylon Translator] G:\Internet\Babylon\Babylon.exe
O4 - Global Startup: Freemax.lnk = G:\Helfer\freemex.exe
O4 - Global Startup: BrowserStar-Auto.lnk = G:\Helfer\BrouserStar\BrowserStar.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - G:\INTERNET\E-MAIL\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Alles mit FlashGet laden - G:\INTERNET\FLASHGET\jc_all.htm
O8 - Extra context menu item: Alles mit Net Transport herunterladen - G:\Insider\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Backward &Links - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Mit FlashGet laden - G:\INTERNET\FLASHGET\jc_link.htm
O8 - Extra context menu item: Mit Net Transport herunterladen - G:\Insider\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Si&milar Pages - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: Adda - {3037FC09-62A6-4446-AA30-BB9DB0CD9B65} - G:\Helfer\AddaButton\aab.exe
O9 - Extra->Tools' menuitem: Adda - {3037FC09-62A6-4446-AA30-BB9DB0CD9B65} - G:\Helfer\AddaButton\aab.exe
O9 - Extra button: Wecker-Alarm - {7B499570-29C5-4a80-9F57-94A420D140CE} - (no file)
O9 - Extra->Tools' menuitem: Nach Wecker für Windows exportieren - {7B499570-29C5-4a80-9F57-94A420D140CE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\INTERNET\FLASHGET\flashget.exe
O9 - Extra->Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\INTERNET\FLASHGET\flashget.exe
O9 - Extra button: MWSnap - {36C2D576-631E-44c6-90B4-4EBE9646DA53} - G:\Helfer\Schnappschuss\MWSnap\MWSnap.exe (HKCU)
O9 - Extra->Tools' menuitem: MWSnap - {36C2D576-631E-44c6-90B4-4EBE9646DA53} - G:\Helfer\Schnappschuss\MWSnap\MWSnap.exe (HKCU)
O9 - Extra button: Wecker - {46FBD990-906E-4cd1-83EB-0523EE60006B} - G:\Helfer\fwecker\Wecker.exe (HKCU)
O9 - Extra->Tools' menuitem: Wecker - {46FBD990-906E-4cd1-83EB-0523EE60006B} - G:\Helfer\fwecker\Wecker.exe (HKCU)
O9 - Extra button: XP-Tuner - {49A4746B-488B-4843-9C66-F8C97464CF19} - G:\Helfer\xpTuner\xpTuner.exe (file missing) (HKCU)
O9 - Extra->Tools' menuitem: XP-Tuner - {49A4746B-488B-4843-9C66-F8C97464CF19} - G:\Helfer\xpTuner\xpTuner.exe (file missing) (HKCU)
O9 - Extra button: BrowserStar - {9AC215C7-785A-4120-9DDA-07947660B96E} - G:\Helfer\BrouserStar\BrowserStar.exe (HKCU)
O9 - Extra->Tools' menuitem: BrowserStar - {9AC215C7-785A-4120-9DDA-07947660B96E} - G:\Helfer\BrouserStar\BrowserStar.exe (HKCU)
O9 - Extra button: atomzeit - {C5D305B0-431B-45d3-8E07-707D1F36AF0D} - G:\Helfer\atomzeit\atomzeit.exe (HKCU)
O9 - Extra->Tools' menuitem: atomzeit - {C5D305B0-431B-45d3-8E07-707D1F36AF0D} - G:\Helfer\atomzeit\atomzeit.exe (HKCU)
O9 - Extra button: AddaButton - {D0281F6F-F450-4baa-A932-16EDDFD9F219} - G:\Helfer\AddaButton\aab.exe (HKCU)
O9 - Extra->Tools' menuitem: AddaButton - {D0281F6F-F450-4baa-A932-16EDDFD9F219} - G:\Helfer\AddaButton\aab.exe (HKCU)
O9 - Extra button: Spoof - {D7C9BA79-A8C8-442e-B239-6C571815DBD4} - H:\Spoofs\DSpoof.exe (HKCU)
O9 - Extra->Tools' menuitem: Spoof - {D7C9BA79-A8C8-442e-B239-6C571815DBD4} - H:\Spoofs\DSpoof.exe (HKCU)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) -
http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-9.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) -
http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) -
http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} -
http://www.xxxtoolbar.com/ist/softwares/v3.0/0006_cracks.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) -
http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AB5419AA-A602-41C6-BAC4-C9FE45A069D8}: NameServer = 192.168.122.252,192.168.122.253
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8C34CAB-D01D-4A2B-849D-9F4D3762D041}: NameServer = 192.168.120.252,192.168.120.253