HILFE!!! Habe ein Problem mit ...TR/Lefeat

Santos

Hallo zusammen,

habe ein Problem mit dem Trojaner TR/Lefeat.DLL - AntiVIR & ANTI-Spy.info ohne jeglichen Erfolg durchlaufen lassen :-(

Kann mir jemand helfen ?

anbei das Logfile:
Logfile of HijackThis v1.99.1
Scan saved at 23:49:50, on 28.02.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
E:\AVPersonal\AVGUARD.EXE
E:\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\d3bu.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\netce32.exe
E:\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
E:\ISpy\ISpy.exe
E:\Phone\Skype.exe
C:\Programme\FRITZ!\IWatch.exe
C:\Programme\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\WINDOWS\twain_32\A4CIS600\WATCH.exe
E:\Anti-Spy.Info\AntiSpy.exe
C:\Programme\Internet Explorer\iexplore.exe
F:\Programme\Internet\Anti-Spyware-virus-tuner\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\vrdwa.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vrdwa.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\vrdwa.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\vrdwa.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\vrdwa.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\vrdwa.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\vrdwa.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {94FD5399-31A3-8A09-5871-0DA2D6C8E837} - C:\WINDOWS\sdkxk.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [eDonkey2000] C:\Programme\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [Microsoft CONFIG] winmx.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [netce32.exe] C:\WINDOWS\netce32.exe
O4 - HKLM\..\Run: [AVGCtrl] E:\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [Security iGuard] E:\Security iGuard\Security iGuard.exe
O4 - HKLM\..\RunServices: [Microsoft CONFIG] winmx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISpy] E:\ISpy\ISpy.exe
O4 - HKCU\..\Run: [Microsoft CONFIG] winmx.exe
O4 - HKCU\..\Run: [Skype] "E:\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Spyware Vanisher] E:\spywarevanisher-free\FreeScanner.exe -FastScan
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4CIS600\WATCH.exe
O4 - Global Startup: ISDNWatch.lnk = C:\Programme\FRITZ!\IWatch.exe
O4 - Global Startup: ZDWLan Utility.lnk = C:\Programme\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: Hilfe zu i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Hilfe zu i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Programme\VeriSign\i-Nav\i-nav_4_1_3.dll
O9 - Extra 'Tools' menuitem: Optionen für i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Programme\VeriSign\i-Nav\i-nav_4_1_3.dll
O16 - DPF: Win32 Classes -
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.de/scan/Msie/bitdefender.cab
O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdateV3 - Activex Control) - http://support.fujitsu-siemens.de/De...pi/activex.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5FA8664-4842-4750-B456-877AD0AE113D}: NameServer = 192.168.120.252,192.168.120.253
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - E:\AVPersonal\AVWUPSRV.EXE
O23 - Service: Workstation NetLogon Service (� 6QÔõ'ª´ÆÐ8) - Unknown owner - C:\WINDOWS\system32\d3bu.exe

Vorab schon mal Danke!