Hello,
here is the newest HiJack log:
Logfile of HijackThis v1.99.1
Scan saved at 08:00:03, on 19.08.2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\hpserver\AsrSrvc.Exe
C:\Programme\Gemeinsame Dateien\Softwin\bdregsvr2.exe
C:\WINNT\System32\cisvc.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\hpserver\hpesysvc.exe
C:\WINNT\hpserver\hpevtsvc.exe
C:\WINNT\hpserver\hpipmsvc.exe
C:\WINNT\hpserver\hplersvc.exe
C:\WINNT\HPServer\HPLER.EXE
C:\WINNT\hpserver\hppfmsvc.Exe
C:\WINNT\hpserver\hprccsvc.exe
C:\WINNT\hpserver\hpsdnsvc.exe
C:\Programme\Hewlett-Packard\InstantTopTools\web\hpwebsvc.exe
C:\Programme\Hewlett-Packard\InstantTopTools\web\webs.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\netinfo.exe
C:\Programme\Gemeinsame Dateien\Softwin\XLog\nplogger.exe
C:\WINNT\system32\ntfrs.exe
C:\WINNT\System32\locator.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\snmp.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\ias\temp\winmsg.exe
C:\Programme\TightVNC\WinVNC.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Softwin\Live\xlivesvr.exe
C:\Programme\Gemeinsame Dateien\Softwin\npcoresrv.exe
C:\Programme\Gemeinsame Dateien\Softwin\Statistics\BDstat.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\ismserv.exe
C:\Programme\Softwin\BitDefender for File Servers\bdfs.exe
C:\WINNT\System32\snmptrap.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\cidaemon.exe
C:\WINNT\Explorer.EXE
C:\Programme\Microsoft AntiSpyware\gcasServ.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
D:\MSSQL7\Binn\sqlmangr.exe
C:\WINNT\system32\taskmgr.exe
C:\Programme\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINNT\system32\mmc.exe
D:\web\downloads\tools\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [backup.exe] D:\IMAIL\backup.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Programme\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [gcasServ] "C:\Programme\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: taskmgr.lnk = C:\WINNT\system32\taskmgr.exe
O4 - Global Startup: Dienst-Manager.lnk = D:\MSSQL7\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky...can_unicode.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....k/?linkid=39204O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) -
http://housecall.tre...all/Xscan53.cabO16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://instantsuppor...alls/isetup.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoft...free/asinst.cabO16 - DPF: {D289E463-771A-4964-B664-F3020E751A56} -
http://acs.pandasoft...22-0/srpush.cabO16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer Class) -
http://www.pandasoft...5/ASPROinst.cabO16 - DPF: {E43DF60D-D6FA-42AB-921C-FE0A023C5BE1} (eWebEditProLibCtl.eWebEditPro) -
http://cms.bitforbit...ewebeditpro.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = wwwbfb.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{6171A926-9049-4CC9-BD2D-415DEB27C578}: NameServer = 213.185.130.100,213.185.129.136
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = wwwbfb.local
O23 - Service: AsrSrvc - Unknown owner - C:\WINNT\hpserver\AsrSrvc.Exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Programme\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BitDefender for File Servers (BDFS) - Unknown owner - C:\Programme\Softwin\BitDefender for File Servers\bdfs.exe
O23 - Service: BitDefender NPCore (BDNPCORE) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\npcoresrv.exe
O23 - Service: BitDefender Registry v2 (BDREGISTRY) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\bdregsvr2.exe
O23 - Service: BitDefender Statistics (BDSTATSRV) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\Statistics\BDstat.exe
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: IMail FINGER Server (FINGRD32) - Ipswitch, Inc. - D:\IMAIL\FINGRD32.exe
O23 - Service: HPComponent - Unknown owner - C:\DMI\win32\bin\hpcmpsvc.exe
O23 - Service: HPEsySvc - Unknown owner - C:\WINNT\hpserver\hpesysvc.exe
O23 - Service: HPEventLog (HPEvtSvc) - Unknown owner - C:\WINNT\hpserver\hpevtsvc.exe
O23 - Service: HPHswSvc - Unknown owner - C:\WINNT\hpserver\hphswsvc.exe
O23 - Service: hpipmsvc - Unknown owner - C:\WINNT\hpserver\hpipmsvc.exe
O23 - Service: HPLerSvc - Unknown owner - C:\WINNT\hpserver\hplersvc.exe
O23 - Service: HPPfmSvc - Unknown owner - C:\WINNT\hpserver\hppfmsvc.Exe
O23 - Service: HPRccSvc - Unknown owner - C:\WINNT\hpserver\hprccsvc.exe
O23 - Service: HPSdnSvc - Unknown owner - C:\WINNT\hpserver\hpsdnsvc.exe
O23 - Service: hpwebsvc - Unknown owner - C:\Programme\Hewlett-Packard\InstantTopTools\web\hpwebsvc.exe
O23 - Service: IMail LDAP Server (ILDAP) - Ipswitch, Inc. - D:\IMAIL\ILDAP.exe
O23 - Service: IMail IMAP4 Server (IMAP4D32) - Ipswitch, Inc. - D:\IMAIL\IMAP4D32.exe
O23 - Service: IMail Monitor Service (IMonitor) - Ipswitch, Inc. - D:\IMAIL\IMonitor.exe
O23 - Service: IMail Web Calendar Service (IWebCal) - Ipswitch, Inc. - D:\IMAIL\IWebCal.exe
O23 - Service: IMail Web Service (IWEBMSG) - Ipswitch, Inc. - D:\IMAIL\iwebmsg.exe
O23 - Service: netinfo - Unknown owner - C:\WINNT\netinfo.exe
O23 - Service: BitDefender NPLogger (NPLogger) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\XLog\nplogger.exe
O23 - Service: PipeCmd Service (PipeCmdSrv) - Unknown owner - C:\WINNT\system32\PipeCmdSrv.exe (file missing)
O23 - Service: IMail POP3 Server (POP3D32) - Ipswitch, Inc. - D:\IMAIL\POP3D32.exe
O23 - Service: IMail PWD Server (PSERVE) - Ipswitch, Inc. - D:\IMAIL\PSERVE.exe
O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINNT\system32\Rpcmon.exe (file missing)
O23 - Service: IMail SMTP Server (SMTPD32) - Ipswitch, Inc. - D:\IMAIL\SMTPD32.exe
O23 - Service: IMail Sys Logger Service (SYSLOGD) - Ipswitch, Inc. - D:\IMAIL\SYSLOGD.exe
O23 - Service: IMail WHOIS Server (WHOISD32) - Ipswitch, Inc. - D:\IMAIL\WHOISD32.exe
O23 - Service: Win32SL - Smart Technology Enablers - C:\DMI\win32\bin\win32sl.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Programme\TightVNC\WinVNC.exe" -service (file missing)
O23 - Service: BitDefender Update Service (XLiveSvr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\Live\xlivesvr.exe
Regards,