Blauer Desktop mit Virenwarnung

Sere2001

hallo,

nachdem ich neu bin und erst nal falsch gepostet hab, sorry dafür, jetzt der neue versuch mit meiner logfile von hijacker...




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:51:40, on 03.08.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programme\Canon\MultiPASS4\MPSERVIC.EXE
C:\Programme\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\slserv.exe
C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
C:\WINDOWS\system32\lphcg2sj0eg57.exe
C:\Programme\Microsoft Security Adviser\msctrl.exe
C:\Programme\Microsoft Security Adviser\msavsc.exe
C:\Programme\Microsoft Security Adviser\msscan.exe
C:\Programme\Microsoft Security Adviser\msiemon.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Programme\Microsoft Security Adviser\msfw.exe
C:\WINDOWS\system32\sysrest32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\Microsoft Security Adviser\mssadv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Opera\Opera.exe
C:\microsoft\svchost.exe
C:\microsoft\svchost.exe
C:\microsoft\svchost.exe
C:\microsoft\svchost.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\microsoft\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.finderg.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.gericom.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BhoApp Class - {45531D08-A710-B0E6-14C1-D4E2BEA6B724} - C:\Programme\altcmd\altcmd32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NBDriver] D:\NBDriver.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [lphcg2sj0eg57] C:\WINDOWS\system32\lphcg2sj0eg57.exe
O4 - HKLM\..\Run: [msctrl.exe] C:\Programme\Microsoft Security Adviser\msctrl.exe
O4 - HKLM\..\Run: [msavsc.exe] C:\Programme\Microsoft Security Adviser\msavsc.exe
O4 - HKLM\..\Run: [msscan.exe] C:\Programme\Microsoft Security Adviser\msscan.exe
O4 - HKLM\..\Run: [msiemon.exe] C:\Programme\Microsoft Security Adviser\msiemon.exe
O4 - HKLM\..\Run: [msfw.exe] C:\Programme\Microsoft Security Adviser\msfw.exe
O4 - HKLM\..\Run: [sysrest32.exe] C:\WINDOWS\system32\sysrest32.exe
O4 - HKCU\..\Run: [msctrl.exe] C:\Programme\Microsoft Security Adviser\msctrl.exe
O4 - HKCU\..\Run: [msavsc.exe] C:\Programme\Microsoft Security Adviser\msavsc.exe
O4 - HKCU\..\Run: [msscan.exe] C:\Programme\Microsoft Security Adviser\msscan.exe
O4 - HKCU\..\Run: [msiemon.exe] C:\Programme\Microsoft Security Adviser\msiemon.exe
O4 - HKCU\..\Run: [msfw.exe] C:\Programme\Microsoft Security Adviser\msfw.exe
O4 - HKLM\..\Policies\Explorer\Run: [CDriver] c:\microsoft\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [DDriver] c:\microsoft\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [alpha] c:\microsoft\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [beta] c:\microsoft\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [gamma] c:\microsoft\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SystemDriverLoad] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [SystemDriver] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [FDriver] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ADriver] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [CDriver] c:\microsoft\svchost.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DDriver] c:\microsoft\svchost.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [alpha] c:\microsoft\svchost.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [beta] c:\microsoft\svchost.exe (User 'SYSTEM')