![]() |
Achtung!!! #Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:06:00, on 10.01.2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\Programme\Avira\AntiVir Desktop\sched.exe D:\Programme\Gemeinsame Dateien\EPSON\eEBAPI\eEBSVC.exe D:\Programme\Avira\AntiVir Desktop\avguard.exe D:\Programme\Bonjour\mDNSResponder.exe D:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe D:\Programme\NCH Software\ExpressAccounts\expressaccounts.exe D:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe D:\Programme\T-Mobile\web'n'walk Manager\GtDetectSc.exe D:\Programme\Java\jre6\bin\jqs.exe D:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe D:\Programme\Gemeinsame Dateien\PC Tools\sMonitor\StartManSvc.exe d:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe D:\WINDOWS\system32\svchost.exe D:\Programme\TomTom HOME 2\TomTomHOMEService.exe D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe D:\WINDOWS\Explorer.EXE D:\Programme\Synaptics\SynTP\SynTPEnh.exe D:\WINDOWS\RTHDCPL.EXE D:\Programme\Avira\AntiVir Desktop\avgnt.exe D:\Dokumente und Einstellungen\heiko\Anwendungsdaten\csrss.exe D:\WINDOWS\system32\ctfmon.exe D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe D:\DOKUME~1\heiko\LOKALE~1\Temp\RtkBtMnt.exe D:\WINDOWS\system32\wscntfy.exe D:\WINDOWS\system32\wbem\wmiapsrv.exe D:\Programme\Uniblue\RegistryBooster\registrybooster.exe D:\Programme\Mozilla Firefox\firefox.exe D:\WINDOWS\system32\msiexec.exe D:\WINDOWS\System32\svchost.exe C:\Programme\Hihack\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://de.ask.com?o=15015&l=dis R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - D:\Programme\pdfforge Toolbar\SearchSettings.dll R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Programme\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - D:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Programme\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - D:\Programme\pdfforge Toolbar\SearchSettings.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - D:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Programme\Ask.com\GenericAskToolbar.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - D:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - D:\Programme\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [SynTPEnh] D:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [AzMixerSel] D:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Nvidia driver] D:\Dokumente und Einstellungen\heiko\Anwendungsdaten\csrss.exe O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\RunOnce: [UniblueRegistryBooster] "D:\Programme\Uniblue\RegistryBooster\launcher.exe" delay 20000 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Verknüpfung mit SynTPEnh.lnk = D:\Programme\Synaptics\SynTP\SynTPEnh.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - D:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programme\Messenger\msmsgs.exe O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/PCPitStop.CAB O16 - DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} (diskhealth Class) - http://utilities.pcpitstop.com/Nirvana/controls/DiskMD3Ctrl.dll O16 - DPF: {A553720A-BFED-4EA4-A71F-7EFCA690A1F7} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Nirvana/controls/pcpitstopAntiVirus.dll O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Nirvana/controls/pcpitstop2.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - D:\Programme\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - D:\Programme\Gemeinsame Dateien\EPSON\eEBAPI\eEBSVC.exe O23 - Service: Express Accounts (ExpressAccountsService) - NCH Software - D:\Programme\NCH Software\ExpressAccounts\expressaccounts.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - D:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe O23 - Service: GtDetectSc - Option - D:\Programme\T-Mobile\web'n'walk Manager\GtDetectSc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - D:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Programme\Java\jre6\bin\jqs.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - D:\Programme\Gemeinsame Dateien\PC Tools\sMonitor\StartManSvc.exe O23 - Service: TomTomHOMEService - TomTom - D:\Programme\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- End of file - 9225 bytes# vielen dank für die Hilfe |
Alle Zeitangaben in WEZ +1. Es ist jetzt 04:19 Uhr. |
Copyright ©2000-2025, Trojaner-Board