Brauche eure Hilfe!!
 

Hallo zusammen!
Würdet ihr bitte mein Log überprüfen:

Logfile of HijackThis v1.99.1
...
[edit]
bitte editiere zukünftig deine links, wie es dir u.a. hier angezeigt wird:
http://www.trojaner-board.de/showpost.php?p=171957&postcount=1

danke
GUA
[/edit]

Habe auch schon einen Online-Check gemacht. Hier das Ergebnis:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Monday, January 02, 2006 14:53:42
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 2/01/2006
Kaspersky Anti-Virus database records: 158420
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
L:\

Scan Statistics:
Total number of scanned objects: 38899
Number of viruses found: 2
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 1772 sec

Infected Object Name - Virus Name
C:\escheck\ECBackup\idemlog.exe.bkp Infected: Backdoor.Win32.Agent.rw
J:\Nachrichten\Brauer.dbx/[From "Jens" <jens@1brauer.de>][Date Sun, 1 Oct 2000 14:21:23 +0200]/UNNAMED/Systemfehler.exe Infected: not-virus:BadJoke.Win32.Delf.m
J:\Nachrichten\Brauer.dbx/[From "Jens" <jens@1brauer.de>][Date Sun, 1 Oct 2000 14:21:23 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Delf.m
J:\Nachrichten\Brauer.dbx Infected: not-virus:BadJoke.Win32.Delf.m

Scan process completed.

Vielen Dank für eure Hilfe. Befürchte allerdings, daß es nicht gut aussieht. :-(

Gruß

Moin

So, hier nochmal das überarbeitete LogFile:


Logfile of HijackThis v1.99.1
Scan saved at 14:55:34, on 02.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
I:\PROGRAMME\INTERNET\ANTIVIR\AVGUARD.EXE
i:\programme\internet\fritz\IGDCTRL.EXE
I:\Programme\Internet\antivir\AVWUPSRV.EXE
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\cisvc.exe
I:\Programme\Internet\vpn\cvpnd.exe
C:\Programme\Brother\ControlCenter2\brctrcen.exe
I:\Programme\ICQLite\ICQLite.exe
I:\Programme\quicktime\iTunesHelper.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
I:\Programme\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
I:\programme\PocketPC\WCESCOMM.EXE
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
I:\Programme\Internet\Fritz\StCenter.exe
I:\Programme\Internet\Fritz\FwebProt.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
i:\programme\PocketPC\WCESMgr.exe
C:\Programme\Microsoft Office\Office\OUTLOOK.EXE
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Dokumente und Einstellungen\D&M\Desktop\spyspotterwebinstall.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
I:\Programme\Winamp\winamp.exe
C:\Dokumente und Einstellungen\D&M\Desktop\h\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Programme\acrobat reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - I:\Programme\norton-internet\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O4 - HKLM\..\Run: [AVGCtrl] "I:\Programme\Internet\antivir\AVGNT.EXE" /min
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [ICQ Lite] I:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [iTunesHelper] "I:\Programme\quicktime\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04a\BrStDvPt.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] I:\Programme\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "I:\programme\PocketPC\WCESCOMM.EXE"
O4 - HKCU\..\RunOnce: [ICQ Lite] I:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: FRITZ!DSL Startcenter.lnk = I:\Programme\Internet\Fritz\StCenter.exe
O4 - Startup: FRITZ!DSL Protect.lnk = I:\Programme\Internet\Fritz\FwebProt.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = I:\Programme\Internet\vpn\vpngui.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Zahlungserinnerung.lnk = I:\Programme\homecash\wzed.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - i:\programme\PocketPC\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - i:\programme\PocketPC\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - i:\programme\PocketPC\INetRepl.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - I:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - I:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: i:\programme\internet\fritz\sarah.dll
O10 - Unknown file in Winsock LSP: i:\programme\internet\fritz\sarah.dll
O10 - Unknown file in Winsock LSP: i:\programme\internet\fritz\sarah.dll
O10 - Unknown file in Winsock LSP: i:\programme\internet\fritz\sarah.dll
O10 - Unknown file in Winsock LSP: i:\programme\internet\fritz\sarah.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - h**p://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - h**p://www.airport-nuernberg.de/_/tools/AxisCamControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{592DFC92-E3B8-43E3-8C6D-050066961A5B}: NameServer = 85.255.114.195,85.255.112.182
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8CDB51A-8FB0-4C7D-9228-DA8AC6754E5A}: NameServer = 85.255.114.195,85.255.112.182
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4C67964-E44E-435E-B377-E624856D285A}: NameServer = 85.255.114.195,85.255.112.182
O17 - HKLM\System\CS2\Services\Tcpip\..\{592DFC92-E3B8-43E3-8C6D-050066961A5B}: NameServer = 85.255.114.195,85.255.112.182
O17 - HKLM\System\CS3\Services\Tcpip\..\{592DFC92-E3B8-43E3-8C6D-050066961A5B}: NameServer = 85.255.114.195,85.255.112.182
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - I:\PROGRAMME\INTERNET\ANTIVIR\AVGUARD.EXE
O23 - Service: AVM IGD CTRL Service - AVM Berlin - i:\programme\internet\fritz\IGDCTRL.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - I:\Programme\Internet\antivir\AVWUPSRV.EXE
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - I:\Programme\Internet\vpn\cvpnd.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - I:\Programme\norton-internet\ISSVC.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
O23 - Service: SAVScan - Unknown owner - I:\Programme\norton-internet\Norton AntiVirus\SAVScan.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - I:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Danke für eure Hilfe!!

Hat denn keiner einen Tipp für mich???

Würde mich über eine Antwort freuen :)

Besten Dank!!!