PC öffnet selbstständig Browsertabs mit kryptischem Inhalt

DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 6.0.2900.5512  BrowserJavaVersion: 1.6.0_19
Run by XXXX at 23:07:00 on 2012-04-07
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1022.605 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\CmUCReye.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\ALCFDRTM.EXE
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\PDF24\pdf24.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Dokumente und Einstellungen\XXXX\Anwendungsdaten\CoSoSys\CarryItEasy\CarryLaunch.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\Dokumente und Einstellungen\XXXX\Lokale Einstellungen\Temp\Password.exe
C:\Programme\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Canon\IJPLM\IJPLMSVC.EXE
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.aldi.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\programme\icq6toolbar\ICQToolBar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programme\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\programme\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programme\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programme\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\programme\icq6toolbar\ICQToolBar.dll
TB: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\programme\ask.com\GenericAskToolbar.dll
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\programme\icq6toolbar\ICQToolBar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AdobeBridge] 
uRun: [CarryLaunch] c:\dokumente und einstellungen\XXXX\anwendungsdaten\cososys\carryiteasy\CarryLaunch.exe
uRun: [WMPNSCFG] c:\programme\windows media player\WMPNSCFG.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [CmUCRRun] c:\windows\system32\CmUCReye.exe
mRun: [Realtime Monitor] c:\progra~1\ca\etrust~1\realmon.exe -s
mRun: [nwiz] nwiz.exe /install
mRun: [AlcFDMonitor] c:\windows\ALCFDRTM.EXE
mRun: [AdobeCS4ServiceManager] "c:\programme\gemeinsame dateien\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Photo Downloader] "c:\programme\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [SunJavaUpdateSched] "c:\programme\gemeinsame dateien\java\java update\jusched.exe"
mRun: [PDFPrint] c:\programme\pdf24\pdf24.exe
mRun: [avgnt] "c:\programme\avira\antivir desktop\avgnt.exe" /min
mRun: [QuickTime Task] "c:\programme\quicktime\QTTask.exe" -atboottime
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\dokume~1\alluse~1\startm~1\progra~1\autost~1\password.lnk - c:\dokumente und einstellungen\XXXX\lokale einstellungen\temp\Password.exe
IE: Nach Microsoft &Excel exportieren - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\programme\icq7.2\ICQ.exe
IE: {B863453A-26C3-4e1f-A54D-A2CD196348E9} - c:\programme\icqlite\ICQLite.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programme\messenger\msmsgs.exe
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - c:\programme\winhttrack\WinHTTrackIEBar.dll
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\programme\gemeinsame dateien\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} - hxxps://vpn.uni-giessen.de/+CSCOL+/csvrloader32.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128778405937
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1310973651093
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{BFD01CB8-327D-436D-80FE-7B7AFCC6BDFF} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\gemein~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Internetverknüpfung: {fbf23b40-e3f0-101b-8488-00aa003e56f8} - shdocvw.dll
Hosts: 127.0.0.1	www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\dokumente und einstellungen\XXXX\anwendungsdaten\mozilla\firefox\profiles\nzk8dd3h.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ig?hl=de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - plugin: c:\dokumente und einstellungen\XXXX\anwendungsdaten\mozilla\firefox\profiles\nzk8dd3h.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\dokumente und einstellungen\XXXX\anwendungsdaten\mozilla\firefox\profiles\nzk8dd3h.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\programme\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\programme\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\programme\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\programme\picasa2\npPicasa2.dll
FF - plugin: c:\programme\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\programme\avira\antivir desktop\avgio.sys [2011-7-23 11608]
R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [2007-12-21 110304]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\avira\antivir desktop\sched.exe [2011-7-23 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\programme\avira\antivir desktop\avguard.exe [2011-7-23 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-7-23 66616]
R2 drhard;drhard;c:\windows\system32\drivers\drhard.sys [2010-3-31 23600]
R2 ICQ Service;ICQ Service;c:\programme\icq6toolbar\ICQ Service.exe [2008-8-11 247096]
R2 ScanDrv;ScanDrv;c:\windows\system32\drivers\SCANDRV.SYS [2006-7-27 186612]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2005-10-18 826752]
R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver;c:\windows\system32\drivers\cmiucr.SYS [2006-2-28 93056]
S0 rseb;rseb; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\programme\google\update\GoogleUpdate.exe [2010-12-23 136176]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;c:\dokume~1\XXXX~1\lokale~1\temp\onlinescanner\anti-virus\fsgk.sys [2011-5-1 70144]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\drivers\genericmount.sys --> c:\windows\system32\drivers\GenericMount.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\google\update\GoogleUpdate.exe [2010-12-23 136176]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2006-6-17 392824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-03-26 21:09:09	--------	d-----w-	c:\dokumente und einstellungen\XXXX\anwendungsdaten\Foxit Software
2012-03-25 16:39:04	--------	d-----w-	c:\dokumente und einstellungen\XXXX\lokale einstellungen\anwendungsdaten\Xara
2012-03-25 16:38:12	--------	d-----w-	c:\programme\MAGIX
2012-03-25 16:38:12	--------	d-----w-	c:\dokumente und einstellungen\all users\anwendungsdaten\MAGIX
2012-03-18 16:19:22	--------	d-----w-	C:\My Web Sites
2012-03-18 16:18:10	--------	d-----w-	c:\programme\WinHTTrack
2012-03-18 13:15:59	592824	----a-w-	c:\programme\mozilla firefox\gkmedias.dll
2012-03-18 13:15:59	44472	----a-w-	c:\programme\mozilla firefox\mozglue.dll
.
==================== Find3M  ====================
.
2012-02-19 10:19:08	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-03 09:57:08	1860224	----a-w-	c:\windows\system32\win32k.sys
2012-01-11 19:06:33	3072	------w-	c:\windows\system32\iacenc.dll
2012-01-09 16:20:20	139784	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2006-05-03 09:06:54	163328	--sha-r-	c:\windows\system32\flvDX.dll
2007-02-21 10:47:16	31232	--sha-r-	c:\windows\system32\msfDX.dll
2008-03-16 12:30:52	216064	--sha-r-	c:\windows\system32\nbDX.dll
.
============= FINISH: 23:08:37,46 ===============[/QUOTE]