Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:13:09, on 23.05.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\\Windows\\system32\\taskeng.exe
C:\\Windows\\system32\\Dwm.exe
C:\\Windows\\Explorer.EXE
C:\\Windows\\system32\\taskhost.exe
C:\\Users\\Lindsay\\AppData\\Local\\Temp\\Hrm.exe
C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe
C:\\Windows\\System32\\igfxtray.exe
C:\\Windows\\System32\\hkcmd.exe
C:\\Windows\\System32\\igfxpers.exe
C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe
C:\\Windows\\system32\\igfxsrvc.exe
C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe
C:\\Program Files\\CyberLink\\Power2Go\\CLMLSvc.exe
C:\\Program Files\\Avira\\AntiVir Desktop\\avgnt.exe
C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe
C:\\Program Files\\SweetIM\\Messenger\\SweetIM.exe
C:\\Program Files\\avmwlanstick\\FRITZWLanMini.exe
C:\\Program Files\\Skype\\Phone\\Skype.exe
C:\\Windows\\System32\\rundll32.exe
C:\\Users\\Lindsay\\AppData\\Roaming\\UpdateStar\\UpdateStar.exe
C:\\Program Files\\ICQ6.5\\ICQ.exe
C:\\Program Files\\OpenOffice.org 3\\program\\soffice.exe
C:\\Program Files\\OpenOffice.org 3\\program\\soffice.bin
C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe
C:\\Users\\Public\\wincsvn.exe
C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe
C:\\Users\\Lindsay\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe
C:\\Users\\Lindsay\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe
C:\\Users\\Lindsay\\AppData\\Local\\Temp\\Hqr.exe
C:\\Users\\Lindsay\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe
C:\\Users\\Lindsay\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe
C:\\Users\\Lindsay\\Documents\\Downloads\\HiJackThis204 (1).exe
C:\\PROGRA~1\\Java\\jre6\\bin\\jp2launcher.exe
C:\\Program Files\\Java\\jre6\\bin\\java.exe
C:\\Windows\\system32\\conhost.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.google.de/
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\\Program Files\\Microsoft\\Search Enhancement Pack\\Search Helper\\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\\Program Files\\Windows Live\\Toolbar\\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\\Program Files\\SweetIM\\Toolbars\\Internet Explorer\\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\\Program Files\\Windows Live\\Toolbar\\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\\Program Files\\ICQ6Toolbar\\ICQToolBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\\Program Files\\SweetIM\\Toolbars\\Internet Explorer\\mgToolbarIE.dll
O4 - HKLM\\..\\Run: [IAAnotif] C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe
O4 - HKLM\\..\\Run: [IgfxTray] C:\\Windows\\system32\\igfxtray.exe
O4 - HKLM\\..\\Run: [HotKeysCmds] C:\\Windows\\system32\\hkcmd.exe
O4 - HKLM\\..\\Run: [Persistence] C:\\Windows\\system32\\igfxpers.exe
O4 - HKLM\\..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s
O4 - HKLM\\..\\Run: [SynTPEnh] %ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe
O4 - HKLM\\..\\Run: [MDS_Menu] \"C:\\Program Files\\CyberLink\\MediaShow4\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\CyberLink\\MediaShow4\" UpdateWithCreateOnce \"Software\\CyberLink\\MediaShow\\4.1\"
O4 - HKLM\\..\\Run: [CLMLServer] \"C:\\Program Files\\CyberLink\\Power2Go\\CLMLSvc.exe\"
O4 - HKLM\\..\\Run: [PDVD9LanguageShortcut] \"C:\\Program Files\\CyberLink\\PowerDVD9\\Language\\Language.exe\"
O4 - HKLM\\..\\Run: [UCam_Menu] \"C:\\Program Files\\CyberLink\\YouCam\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\CyberLink\\YouCam\" UpdateWithCreateOnce \"Software\\CyberLink\\YouCam\\3.0\"
O4 - HKLM\\..\\Run: [avgnt] \"C:\\Program Files\\Avira\\AntiVir Desktop\\avgnt.exe\" /min
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"
O4 - HKLM\\..\\Run: [SweetIM] C:\\Program Files\\SweetIM\\Messenger\\SweetIM.exe
O4 - HKLM\\..\\Run: [AVMWlanClient] C:\\Program Files\\avmwlanstick\\FRITZWLANMini.exe
O4 - HKCU\\..\\Run: [Skype] \"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized
O4 - HKCU\\..\\Run: [EA Core] \"C:\\Program Files\\Electronic Arts\\EADM\\Core.exe\" -silent
O4 - HKCU\\..\\Run: [ICQ] ~\"C:\\Program Files\\ICQ6.5\\ICQ.exe\" silent
O4 - HKCU\\..\\Run: [msnmsgr] ~\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background
O4 - HKCU\\..\\Run: [WindowsSystemGuard] C:\\Users\\Public\\winsvcn.exe
O4 - HKCU\\..\\Run: [Canaveral] rundll32.exe C:\\Users\\Lindsay\\AppData\\Local\\Temp\\sshnas21.dll,BackupReadW
O4 - HKCU\\..\\Run: [M5T8QL3YW3] C:\\Users\\Lindsay\\AppData\\Local\\Temp\\Hqr.exe
O4 - HKCU\\..\\Run: [WindowsServiceControler] C:\\Users\\Public\\wincsvn.exe
O4 - HKCU\\..\\Run: [UpdateStar] C:\\Users\\Lindsay\\AppData\\Roaming\\UpdateStar\\UpdateStar.exe -A
O4 - HKCU\\..\\Run: [Google Update] \"C:\\Users\\Lindsay\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c
O4 - Startup: OpenOffice.org 3.2.lnk = C:\\Program Files\\OpenOffice.org 3\\program\\quickstart.exe
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra \'Tools\' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra \'Tools\' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll
O9 - Extra \'Tools\' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\\Program Files\\Skype\\Toolbars\\Internet Explorer\\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\\Program Files\\ICQ6.5\\ICQ.exe
O9 - Extra \'Tools\' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\\Program Files\\ICQ6.5\\ICQ.exe
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O9 - Extra \'Tools\' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{15035E71-D8AD-4C2A-9FAA-785FE27F41B0}: NameServer = 213.191.74.11 213.191.92.82
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{54230A9B-F921-4735-AFC1-6BF14CABC256}: NameServer = 213.191.74.11,213.191.92.82
O17 - HKLM\\System\\CS1\\Services\\Tcpip\\..\\{15035E71-D8AD-4C2A-9FAA-785FE27F41B0}: NameServer = 213.191.74.11 213.191.92.82
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\\Program Files\\Avira\\AntiVir Desktop\\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\\Program Files\\Avira\\AntiVir Desktop\\avguard.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\\Program Files\\Common Files\\MAGIX Services\\Database\\bin\\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\\Program Files\\Common Files\\MAGIX Services\\Database\\bin\\fbserver.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\\Program Files\\ICQ6Toolbar\\ICQ Service.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\\Windows\\system32\\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\\Program Files\\Common Files\\Protexis\\License Service\\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\\Program Files\\CyberLink\\Shared files\\RichVideo.exe

--
End of file - 9907 bytes

folgende Fehlermeldung erscheint im Explorer: res://ieframe.dll/acr_error.htm

Vielen Dank für hilfreiche Tipps!