Trojaner-Board - BKDR_IOFTPD.B in lssas.exe

tach

spy- & ad-ware scan, virenscan, hijackthis, cwshredder haben nix genützt ...

der müll kann nicht gelöscht werden und im internet hab ich keinen eintrag über so einen trojaner gefunden. :balla:

C:/Windows/system32/lssas.exe = BKDR_IOFTPD.B :pfui:

wie krieg ich das ding wieder wech?

thx & cYa

HijackThis.log

Logfile of HijackThis v1.99.1
Scan saved at 21:13:24, on 16.02.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\Ati2evxx.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\WINDOWS2\system32\Ati2evxx.exe
C:\WINDOWS2\Explorer.EXE
C:\WINDOWS2\system32\SSMS.EXE
C:\WINDOWS2\SYSTEM32\GEARSEC.EXE
C:\WINDOWS2\system32\LSSAS.EXE
C:\Programme\Gamers.Interactive\Gamers.IRC\mirc.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\User\Eigene Dateien\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programme\Internet Download Manager\IDMIECC.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\RunServices: [ZipGenius Clean] "C:\WINDOWS2\zg.exe" -cleantemp
O8 - Extra context menu item: &Google Search - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download All Links with IDM - C:\Programme\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Programme\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O10 - Unknown file in Winsock LSP: c:\windows2\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows2\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows2\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows2\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows2\system32\idmmbc.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{E82F5551-3538-481C-AFDD-AD985132EE89}: NameServer = 217.237.149.225 217.237.151.97
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS2\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS2\system32\ati2sgag.exe
O23 - Service: COM+ Component Service (COMCSVC) - Unknown owner - C:\WINDOWS2\system32\winmgnt.exe (file missing)
O23 - Service: COM+ System Service (COMSS) - Unknown owner - C:\WINDOWS2\system32\SSMS.EXE
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS2\SYSTEM32\GEARSEC.EXE
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINDOWS2\system32\winmgnt.exe (file missing)