Trojaner-Board - Internet super langsam- PC lahm- StoppAbstürze-

Sorry GUA, :o

habe das das erste Mal gemacht und leider erst zu spät gesehen, daß die URLs noch drin waren. Konnte das dann nicht mehr ändert, weil man nur 60 Minuten ändern kann. Das hat bei mir alles etwas gedauert. Als ich den Text fertig hatte, mußte ich mich neu anmelden und alles nochmal schreiben, weil es weg war und das nach der Änderung, weil ich was vergessen hatte nochmal.

Ich tu mein Hijack this also jetzt nochmal rein, ist das ok?

Logfile of HijackThis v1.99.1
Scan saved at 12:09:53, on 21.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\Programme\Windows Defender\MsMpEng.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
F:\Programme\CA\SharedComponents\Alert\ALERT.EXE
F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
F:\Programme\CA\eTrust Antivirus\InoRpc.exe
F:\Programme\CA\eTrust Antivirus\InoRT.exe
F:\Programme\CA\eTrust Antivirus\InoTask.exe
F:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
F:\WINDOWS\Explorer.EXE
F:\PROGRA~1\CA\ETRUST~1\realmon.exe
F:\Programme\Windows Defender\MSASCui.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Programme\Microsoft Office\Office10\OUTLOOK.EXE
F:\Programme\Microsoft Office\Office10\WINWORD.EXE
F:\Programme\Mozilla Firefox\firefox.exe
F:\DOKUME~1\mein Name\LOKALE~1\Temp\Temporäres Verzeichnis 2 für hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = h**p://search.bearshare.com/search/index.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://search.bearshare.com/search/index.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://search.bearshare.com/search/index.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = h**p://go.microsoft.com/fwlink/?LinkId=54843
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://F:\Programme\WinSweep\ws.js
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 50.208.97.90:3128
R3 - URLSearchHook: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\programme\google\googletoolbar2.dll
O3 - Toolbar: Vodafone ComBar - {0d042d10-c5bd-410b-b0c9-259b39089b69} - mscoree.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\programme\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O4 - HKLM\..\Run: [Realtime Monitor] F:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [Windows Defender] "F:\Programme\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [MSConfig] F:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InstallShield] F:\WINDOWS\Installer\{CC55BD24-C1A6-4397-8EA3-2F30E74BDA2B}\InocIT.exe
O8 - Extra context menu item: Mit &ComBar senden - F:\Programme\Vodafone\ComBar\SendText.html
O8 - Extra context menu item: Mit ComBar senden - F:\Programme\Vodafone\ComBar\SendImage.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://F:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - F:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - h**p://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - h**p://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158483868079
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - h**p://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AB8E7FF-DE48-44A0-8A84-FB71B419C06F}: NameServer = 192.168.178.1
O20 - Winlogon Notify: WgaLogon - F:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - F:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: Alert Notification Server - Computer Associates International, Inc. - F:\Programme\CA\SharedComponents\Alert\ALERT.EXE
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - F:\Programme\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - F:\Programme\Gemeinsame Dateien\AVM\de_serv.exe (file missing)
O23 - Service: eTrust Antivirus Admin Server (InoNmSrv) - Computer Associates International, Inc. - F:\Programme\CA\eTrust Antivirus\InoNmSrv.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - F:\Programme\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - F:\Programme\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - F:\Programme\CA\eTrust Antivirus\InoTask.exe
O23 - Service: NBService - Nero AG - F:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - F:\Programme\SiSoftware\SiSoftware Sandra Lite XI\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - F:\Programme\SiSoftware\SiSoftware Sandra Lite XI\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - F:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - F:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe