Hilfe - Probleme mit Krepper und Konsorten

pxt

Hallo,
ich hatte ein Probelem mit SmitfraudC, den ich aber dank Anleitung aus den Board "hoffentlich" beseitigt habe.
Escan zeigt aber noch weitere Viren. Wer kann mit helfen diese Viecher los zu werden.
Der IExplorer versucht nach wie vor, sich bei jedem Aufruf des Windows-Explorers in das Internet einzuwählen.

Wer kann mir ein paar Tips geben wie ich den Rechner sauber kriege ??


Logfile of HijackThis v1.99.1
Scan saved at 22:10:25, on 23.05.05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\WINDOWS.000\SYSTEM\DDHELP.EXE
C:\WINDOWS.000\SYSTEM\RNAAPP.EXE
C:\WINDOWS.000\SYSTEM\TAPISRV.EXE
C:\WINDOWS.000\EXPLORER.EXE
C:\PROGRAMME\ZUBEHöR\WORDPAD.EXE
C:\PROGRAMME\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://letgohome.com/hp.htm?id=35463
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.msn.de/
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS.000\SYSTEM\PFO26C~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS.000\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [MGA Control Center] Mgactrl.exe
O4 - HKLM\..\Run: [Colorific Control Panel] C:\Programme\Matrox MGA PowerDesk\Color\hgcctl95.exe
O4 - HKLM\..\Run: [0190 Warner] C:\PROGRA~1\0190WA~1\WARN0190.EXE
O4 - HKLM\..\Run: [Control handler] C:\WINDOWS.000\SYSTEM\M5MDPHT5K9THD.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS.000\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS.000\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: MGA QuickDesk.lnk = C:\Programme\Matrox MGA PowerDesk\qdesk\mgaqdesk.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Programme\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS.000\SYSTEM\Shdocvw.dll
O9 - Extra button: Microsoft AntiSpyware helper - {AE527D20-C264-11D9-AB05-444553540000} - C:\WINDOWS.000\SYSTEM\WLDR.DLL
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AE527D20-C264-11D9-AB05-444553540000} - C:\WINDOWS.000\SYSTEM\WLDR.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AE527D20-C264-11D9-AB05-444553540000} - C:\WINDOWS.000\SYSTEM\WLDR.DLL (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AE527D20-C264-11D9-AB05-444553540000} - C:\WINDOWS.000\SYSTEM\WLDR.DLL (HKCU)
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=

Hier der aktuelle Escan Log:

File C:\WINDOWS.000\SYSTEM\PFO26C3JD2OKG1.DLL infected by "Trojan.Win32.Krepper.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\PFO26C~1.DLL infected by "Trojan.Win32.Krepper.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\M5MDPHT5K9THD.EXE infected by "Trojan.Win32.Krepper.ae" Virus. Action Taken: No Action Taken.
File System Found infected by "Alexa Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "cws.therealsearch Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\pcgh88dbdd77b.dll infected by "Trojan-Downloader.Win32.Small.rr" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\wldr.dll infected by "Trojan-Downloader.Win32.Agent.le" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\1i0l7e0ir9o.dll infected by "Trojan.Win32.Krepper.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\pfo26c3jd2okg1.dll infected by "Trojan.Win32.Krepper.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\TEMP\238324.tmp infected by "Trojan.Win32.Krepper.aj" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\TEMP\46989.tmp infected by "Trojan.Win32.Krepper.aj" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\TEMP\45104.tmp infected by "Trojan.Win32.Krepper.aj" Virus. Action Taken: No Action Taken.
File C:\WIN98\EBD.CAB tagged as not-a-virus:Tool.DOS.Restart. No Action Taken.
File C:\pk263wsp(1).exe infected by "not-a-virus:AdWare.TimeSink" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\pcgh88dbdd77b.dll infected by "Trojan-Downloader.Win32.Small.rr" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\wldr.dll infected by "Trojan-Downloader.Win32.Agent.le" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\1i0l7e0ir9o.dll infected by "Trojan.Win32.Krepper.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\SYSTEM\pfo26c3jd2okg1.dll infected by "Trojan.Win32.Krepper.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\COMMAND\EBD\EBD.CAB tagged as not-a-virus:Tool.DOS.Restart. No Action Taken.
File C:\WINDOWS.000\TEMP\238324.tmp infected by "Trojan.Win32.Krepper.aj" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\TEMP\46989.tmp infected by "Trojan.Win32.Krepper.aj" Virus. Action Taken: No Action Taken.
File C:\WINDOWS.000\TEMP\45104.tmp infected by "Trojan.Win32.Krepper.aj" Virus. Action Taken: No Action Taken.
File C:\sicherung\WINDOWS\COMMAND\EBD\EBD.CAB tagged as not-a-virus:Tool.DOS.Restart. No Action Taken.