awtqp.dll! HELP!

beggar · 24.09.2006, 12:49

Hallo,

mein antivir zeigt fast jede minute den Trojaner "awtqp.dll" an. Dieser lässt sich allerdings nicht löschen. Hier mein HijackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 13:30:06, on 24.09.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Anwendungen\AntiVir PersonalEdition Classic\sched.exe
E:\Anwendungen\AntiVir PersonalEdition Classic\avguard.exe
E:\Anwendungen\Bluetooth\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
E:\Anwendungen\ZoneAlarm\zlclient.exe
E:\Anwendungen\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Internet Explorer\iexplore.exe
E:\Patches\lupe.exe
C:\WINDOWS\system32\GO-TIG~1.SCR
C:\WINDOWS\system32\rundll32.exe
E:\Anwendungen\Mozilla FireFox\firefox.exe
E:\Anwendungen\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w*w.esl.eu/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = h**p://windowsupdate.microsoft.com/
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Anwendungen\ICQLite\ICQToolbar\toolbaru.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Anwendungen\ICQLite\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [Zone Labs Client] E:\Anwendungen\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avgnt] "E:\Anwendungen\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ICQ Lite] "E:\Anwendungen\ICQLite\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [f0870221.exe] C:\WINDOWS\system32\f0870221.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [f0870221.exe] C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\f0870221.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] E:\Anwendungen\ICQLite\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Microsoft Office.lnk = E:\Anwendungen\Office\Office\OSA9.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://E:\Anwendungen\ICQLite\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Senden an &Bluetooth - E:\Anwendungen\Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Spiele\PatyPoker\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Spiele\PatyPoker\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Anwendungen\ICQLite\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Anwendungen\ICQLite\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Anwendungen\Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Anwendungen\Bluetooth\btsendto_ie.htm
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://w*w.giga.de/giga-stream-test/Rawflow.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148034646531
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - h**p://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - E:\Anwendungen\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - E:\Anwendungen\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - E:\Anwendungen\Bluetooth\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: UPnPService - Unknown owner - C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Danke schonmal im voraus.

awtqp.dll! HELP!

Plagegeister aller Art und deren Bekämpfung: awtqp.dll! HELP!

awtqp.dll! HELP!