Logfile of HijackThis v1.99.1
Scan saved at 17:07:14, on 01.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Running processes:
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Udomyb.exe
C:\Programme\DellTPad\Apoint.exe
C:\Programme\IDT\WDM\sttray.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programme\DellTPad\ApMsgFwd.exe
C:\Programme\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Programme\DellTPad\HidFind.exe
C:\Programme\DellTPad\Apntex.exe
C:\Programme\Dell\Dell ControlPoint\Dell.ControlPoint.exe
C:\Programme\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
C:\PROGRA~1\GDATA~1\AVKCLI~1\AvkCl.exe
C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
C:\Programme\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mshta.exe
C:\DOKUME~1\emersonj\LOKALE~1\Temp\Ulr.exe
D:\hjack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.de/hws/sb/dell-row-rel/de/side.html?channel=de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de/hws/sb/dell-row-rel/de/side.html?channel=de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.myfastwebsearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row-rel&channel=de&ibd=3081217
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Programme\IEToolbar\My Fast Web Search\tbhelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: TBSB07741 - {9D78BE3F-575E-499E-9812-25F531816459} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: My Fast Web Search - {F9C1FF30-602C-49A5-8DB2-E2510CC4BFB0} - C:\Programme\IEToolbar\My Fast Web Search\tbcore3.dll
O4 - HKLM\..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ChangeTPMAuth] C:\Programme\Wave Systems Corp\Common\ChangeTPMAuth.exe /T:NTRU12
O4 - HKLM\..\Run: [WavXMgr] C:\Programme\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [SecureUpgrade] C:\Programme\Wave Systems Corp\SecureUpgrade.exe
O4 - HKLM\..\Run: [EmbassySecurityCheck] "C:\Programme\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe"
O4 - HKLM\..\Run: [DellControlPoint] "C:\Programme\Dell\Dell ControlPoint\Dell.ControlPoint.exe"
O4 - HKLM\..\Run: [DCPstrApp] C:\Programme\Dell\Dell ControlPoint\Security Manager\SecurityDeviceInfoSetRegistryString.exe
O4 - HKLM\..\Run: [DellConnectionManager] "C:\Programme\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe"
O4 - HKLM\..\Run: [AVK Client] "C:\PROGRA~1\GDATA~1\AVKCLI~1\AvkCl.exe" /GUI
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [CheckMedi8or] C:\Programme\Mediator 7 Pro\CheckNewUser.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Service Man] C:\Dokumente und Einstellungen\emersonj\Anwendungsdaten\scvhost.exe
O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
O4 - HKLM\..\Run: [lsdefrag] C:\DOKUME~1\emersonj\LOKALE~1\Temp\srwxocmena.tmp
O4 - HKLM\..\RunOnce: [KB976002-v5] C:\WINDOWS\system32\browserchoice.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Copernic Desktop Search - Home] "C:\Programme\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
O4 - HKCU\..\Run: [VoipBuster] "H:\New Folder\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Windows File Protection] C:\Dokumente und Einstellungen\emersonj\Anwendungsdaten\scvhost.exe
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\DOKUME~1\emersonj\LOKALE~1\Temp\Ulr.exe
O4 - Startup: ProxyCheck.cmd
O4 - Global Startup: Dell ControlPoint System Manager.lnk = C:\Programme\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Encarta Suchleiste - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ\Application\ICQ7.1\ICQ.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ\Application\ICQ7.1\ICQ.exe (HKCU)
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236591687062
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236588178359
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = harkenberg.local
O17 - HKLM\Software\..\Telephony: DomainName = harkenberg.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = harkenberg.local
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: G DATA AntiVirus Client (AntiVirusKit Client) - G Data Software AG - C:\Programme\G DATA\AVKClient\AVKCl.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Programme\Fingerprint Sensor\AtService.exe
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Wächter (AVKWCtl) - G Data Software AG - C:\Programme\G DATA\AVKClient\AVKWCtl.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Programme\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Dell ControlPoint Button Service (buttonsvc32) - Dell Inc. - C:\Programme\Dell\Dell ControlPoint\DCPButtonSvc.exe
O23 - Service: Dell ControlPoint System Manager (dcpsysmgrsvc) - Dell Inc. - C:\Programme\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Smith Micro Connection Manager Service (SMManager) - Smith Micro Software, Inc. - C:\Programme\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\drivers\audio\r190031\stacsv.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.27 TCS (tcsd_win32.exe) - Unknown owner - C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Programme\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: uvnc_service - Unknown owner - C:\Programme\UltraVNC\WinVNC.exe" -service (file missing)