Wer kann mir helfen?! DANKE!!!



Logfile of HijackThis v1.99.0
Scan saved at 21:22:20, on 11.01.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mfcre32.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\Programme\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe
C:\Programme\Spamihilator\spamihilator.exe
C:\Programme\AT-AR215\AT-AR215 USB ADSL WAN Adapter\DSLMON.exe
C:\Programme\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\cmd.exe
C:\WINDOWS\system32\javacn32.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\Wolfi\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis_199.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\pmfqs.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\pmfqs.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\pmfqs.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\pmfqs.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\pmfqs.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\pmfqs.dll/sp.html#12345
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\pmfqs.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer +++ Tuning Edition
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {A0E28E59-8CC5-632E-ECF3-DEF219586734} - C:\WINDOWS\system32\crbu32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Programme\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [gcasServ] "C:\Programme\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [javafz.exe] C:\WINDOWS\system32\javafz.exe
O4 - HKLM\..\Run: [javacn32.exe] C:\WINDOWS\system32\javacn32.exe
O4 - HKLM\..\RunOnce: [GIANTAntiSpywareCleaner] C:\Programme\GIANT Company Software\GIANT AntiSpyware\gcASCleaner.exe
O4 - HKCU\..\Run: [Spamihilator] "C:\Programme\Spamihilator\spamihilator.exe"
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - Global Startup: DSLMON.lnk = C:\Programme\AT-AR215\AT-AR215 USB ADSL WAN Adapter\DSLMON.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Zur Filterliste hinzufügen (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - c95fe080-8f5d-112d-a20b-00aa003c157a - (no file)
O12 - Plugin for .mp3: C:\Programme\Internet Explorer\PLUGINS\npqtplugin4.dll
O12 - Plugin for .mpeg: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {11111111-1111-1111-1111-111111113457} -
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q340925.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFA5BEE9-E0A2-4F49-A299-59071A43BAFA}: NameServer = 217.237.151.161 194.25.2.129
O23 - Service: BrSplService - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Network Security Service (NSS) - Unknown - C:\WINDOWS\system32\mfcre32.exe

@ charungo

überprüfe mit dem online-scan von Kaspersky:

C:\WINDOWS\system32\mfcre32.exe
C:\WINDOWS\system32\javacn32.exe
C:\WINDOWS\system32\crbu32.dll

--> Ergebnis?