Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:57:59, on 03.06.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\siswlsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Dlocia.exe
C:\Programme\Canon\CAL\CALMAIN.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\RocketDock\RocketDock.exe
C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\drvshp32.exe
C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\winnsvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\DOKUME~1\Besitzer\LOKALE~1\Temp\Dr1.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Programme\Outlook Express\msimn.exe" //mailurl:mailto:
[email protected]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Internet Explorer\qipsearchbar.dll
O1 - Hosts: 186.103.7.68
www.symantec.com
O1 - Hosts: 91.23.220.27 securityresponse.symantec.com
O1 - Hosts: 52.131.189.100 symantec.com
O1 - Hosts: 163.207.247.203
www.sophos.com
O1 - Hosts: 177.62.121.196 sophos.com
O1 - Hosts: 152.3.57.196
www.mcafee.com
O1 - Hosts: 130.84.211.176 mcafee.com
O1 - Hosts: 148.193.115.150 liveupdate.symantecliveupdate.com
O1 - Hosts: 43.196.246.155
www.viruslist.com
O1 - Hosts: 101.153.76.52 viruslist.com
O1 - Hosts: 228.79.33.153 f-secure.com
O1 - Hosts: 206.32.188.119
www.f-secure.com
O1 - Hosts: 24.254.39.229 kaspersky.com
O1 - Hosts: 5.110.144.154
www.avp.com
O1 - Hosts: 233.153.239.93
www.kaspersky.com
O1 - Hosts: 51.160.233.188 avp.com
O1 - Hosts: 170.49.244.1
www.networkassociates.com
O1 - Hosts: 247.88.189.98 networkassociates.com
O1 - Hosts: 100.151.199.120
www.ca.com
O1 - Hosts: 227.56.84.243 ca.com
O1 - Hosts: 82.226.136.139 mast.mcafee.com
O1 - Hosts: 253.107.204.58 my-etrust.com
O1 - Hosts: 101.237.113.168
www.my-etrust.com
O1 - Hosts: 64.28.149.231 download.mcafee.com
O1 - Hosts: 192.214.75.96 dispatch.mcafee.com
O1 - Hosts: 24.252.246.13 secure.nai.com
O1 - Hosts: 61.129.246.233 nai.com
O1 - Hosts: 233.192.135.165
www.nai.com
O1 - Hosts: 230.19.229.157 update.symantec.com
O1 - Hosts: 137.161.181.10 updates.symantec.com
O1 - Hosts: 125.119.160.121 us.mcafee.com
O1 - Hosts: 193.219.65.124 liveupdate.symantec.com
O1 - Hosts: 244.220.65.159 customer.symantec.com
O1 - Hosts: 209.46.192.157 rads.mcafee.com
O1 - Hosts: 246.53.247.212 trendmicro.com
O1 - Hosts: 233.96.28.247
www.trendmicro.com
O1 - Hosts: 186.103.7.68
www.symantec.com
O1 - Hosts: 91.23.220.27 securityresponse.symantec.com
O1 - Hosts: 52.131.189.100 symantec.com
O1 - Hosts: 163.207.247.203
www.sophos.com
O1 - Hosts: 177.62.121.196 sophos.com
O1 - Hosts: 152.3.57.196
www.mcafee.com
O1 - Hosts: 130.84.211.176 mcafee.com
O1 - Hosts: 148.193.115.150 liveupdate.symantecliveupdate.com
O1 - Hosts: 43.196.246.155
www.viruslist.com
O1 - Hosts: 101.153.76.52 viruslist.com
O1 - Hosts: 228.79.33.153 f-secure.com
O1 - Hosts: 206.32.188.119
www.f-secure.com
O1 - Hosts: 24.254.39.229 kaspersky.com
O1 - Hosts: 5.110.144.154
www.avp.com
O1 - Hosts: 233.153.239.93
www.kaspersky.com
O1 - Hosts: 51.160.233.188 avp.com
O1 - Hosts: 170.49.244.1
www.networkassociates.com
O1 - Hosts: 247.88.189.98 networkassociates.com
O1 - Hosts: 100.151.199.120
www.ca.com
O1 - Hosts: 227.56.84.243 ca.com
O1 - Hosts: 82.226.136.139 mast.mcafee.com
O1 - Hosts: 253.107.204.58 my-etrust.com
O1 - Hosts: 101.237.113.168
www.my-etrust.com
O1 - Hosts: 64.28.149.231 download.mcafee.com
O1 - Hosts: 192.214.75.96 dispatch.mcafee.com
O1 - Hosts: 24.252.246.13 secure.nai.com
O1 - Hosts: 61.129.246.233 nai.com
O1 - Hosts: 233.192.135.165
www.nai.com
O1 - Hosts: 230.19.229.157 update.symantec.com
O1 - Hosts: 137.161.181.10 updates.symantec.com
O1 - Hosts: 125.119.160.121 us.mcafee.com
O1 - Hosts: 193.219.65.124 liveupdate.symantec.com
O1 - Hosts: 244.220.65.159 customer.symantec.com
O1 - Hosts: 209.46.192.157 rads.mcafee.com
O1 - Hosts: 246.53.247.212 trendmicro.com
O1 - Hosts: 233.96.28.247
www.trendmicro.com
O1 - Hosts: 186.103.7.68
www.symantec.com
O1 - Hosts: 91.23.220.27 securityresponse.symantec.com
O1 - Hosts: 52.131.189.100 symantec.com
O1 - Hosts: 163.207.247.203
www.sophos.com
O1 - Hosts: 177.62.121.196 sophos.com
O1 - Hosts: 152.3.57.196
www.mcafee.com
O1 - Hosts: 130.84.211.176 mcafee.com
O1 - Hosts: 148.193.115.150 liveupdate.symantecliveupdate.com
O1 - Hosts: 43.196.246.155
www.viruslist.com
O1 - Hosts: 101.153.76.52 viruslist.com
O1 - Hosts: 228.79.33.153 f-secure.com
O1 - Hosts: 206.32.188.119
www.f-secure.com
O1 - Hosts: 24.254.39.229 kaspersky.com
O1 - Hosts: 5.110.144.154
www.avp.com
O1 - Hosts: 233.153.239.93
www.kaspersky.com
O1 - Hosts: 51.160.233.188 avp.com
O1 - Hosts: 170.49.244.1
www.networkassociates.com
O1 - Hosts: 247.88.189.98 networkassociates.com
O1 - Hosts: 100.151.199.120
www.ca.com
O1 - Hosts: 227.56.84.243 ca.com
O1 - Hosts: 82.226.136.139 mast.mcafee.com
O1 - Hosts: 253.107.204.58 my-etrust.com
O1 - Hosts: 101.237.113.168
www.my-etrust.com
O1 - Hosts: 64.28.149.231 download.mcafee.com
O1 - Hosts: 192.214.75.96 dispatch.mcafee.com
O1 - Hosts: 24.252.246.13 secure.nai.com
O1 - Hosts: 61.129.246.233 nai.com
O1 - Hosts: 233.192.135.165
www.nai.com
O1 - Hosts: 230.19.229.157 update.symantec.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Windows System Manager] C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\winnsvc.exe
O4 - HKLM\..\Run: [comctl32] C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\drvshp32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Programme\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [comctl32] C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\drvshp32.exe
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\DOKUME~1\Besitzer\LOKALE~1\Temp\Dr1.exe
O4 - HKCU\..\Run: [V71IQL7HI7] C:\WINDOWS\Dlocia.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Verknüpfung mit RocketDock.lnk = C:\Programme\RocketDock\RocketDock.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\WINDOWS\system32\siswlsvc.exe
--
End of file - 11430 bytes