Trojaner-Board - Trojanisches Pferd

Hallo Chris 14
hab die entsprechenden Einträge in der regedit schon versucht zu überschreiben... erfolglos

Logfile of HijackThis v1.98.2
Scan saved at 11:40:15, on 26.01.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\Programme\Bluetooth Software\BTTray.exe
C:\Programme\Kodak\KODAK Bildübertragungssoftware\pts.exe
C:\WINDOWS\twain_32\A4CIS600\WATCH.exe
C:\Programme\Bluetooth Software\BTStackServer.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\PROGRA~1\Borland\INTERB~1\Bin\IBGuard.EXE
C:\Programme\RVS\WCOM\SYSTEM\RVSINST.EXE
C:\Programme\RVS\WCOM\SYSTEM\RVSCC.EXE
C:\PROGRA~1\Borland\INTERB~1\Bin\ibserver.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\XP\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOKUME~1\XP\LOKALE~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOKUME~1\XP\LOKALE~1\Temp\sp.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.google.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von 1 & 1 Internet AG
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {79EC5BCA-A7C9-4FCD-B59C-E3CBB709AEB1} - C:\WINDOWS\System32\fhla.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [iefi.exe] C:\WINDOWS\iefi.exe
O4 - HKLM\..\Run: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\RunServices: [Windows Security Assistant] C:\WINDOWS\system32\rundll32.vbe
O4 - HKCU\..\Run: [System Update4] c:\dokume~1\xp\anwend~1\system.exe
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4CIS600\WATCH.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: KODAK Bildübertragungssoftware.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O12 - Plugin for .mpeg: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {1F831FA3-42FC-11D4-95A6-0080AD30DCE1} (InstaFred Control)
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.de/scan/Msie/bitdefender.cab

O18 - Filter: text/html - {7C0F661D-7EDF-4A09-9FF1-8AD1A7B3FDEC} - C:\WINDOWS\System32\fhla.dll
O18 - Filter: text/plain - {7C0F661D-7EDF-4A09-9FF1-8AD1A7B3FDEC} - C:\WINDOWS\System32\fhla.dll