Logfile of HijackThis v1.99.1
Scan saved at 15:52:47, on 16.05.05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAMME\SYGATE\SPF\SMC.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAMME\GRISOFT\AVG FREE\AVGCC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMME\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAMME\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAMME\BROWSER MOUSE\BROWSER MOUSE\1.0\LWBWHEEL.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAMME\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAMME\MICROSOFT OFFICE\OFFICE\FINDFAST.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMME\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMME\TOTALCMD\TOTALCMD.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\EIGENE DATEIEN\TOOLS\REGTOOLS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.utanet.at
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.utanet.at
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von UTA Telekom AG
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM…\Run: [systemTray] SysTray.Exe
O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM…\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM…\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM…\Run: [smcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM…\Run: [LWBMOUSE] C:\Programme\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKLM…\Run: [internat.exe] internat.exe
O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM…\RunServices: [smcService] C:\PROGRAMME\SYGATE\SPF\SMC.EXE
O4 - HKCU…\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE
O8 - Extra context menu item: &Google Search - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
O8 - Extra context menu item: Verweisseiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/Media … ge-c18.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 195.96.0.4,195.70.224.45