Trojaner-Board


tutterchen 22.09.2007 11:37

Vundogen, Agent-LAP, Tiny-IF, Downloader KK
 
For the past 3 days I have been getting alerts from avast about various trojans. I have read various virus posts and have already used some tools:

avg anti spyware -> finds nothing
counterspy -> not run yet
vundofix.exe -> finds nothing (but avast reports vundo now and then)
fsbl -> finds nothing
combofix -> reported errors, cleaned up
gmer.exe -> crashes
cleanup -> performed

Here is my log, maybe someone can still help me:

Logfile of HijackThis v1.99.1
Scan saved at 12:25:03, on 22.09.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\AdAware\aawservice.exe
C:\Programme\Avast4\aswUpdSv.exe
C:\Programme\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Virus\AVG Anti-Spy 7.5\guard.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Virus\CounterSpy\SBCSSvc.exe
C:\WINDOWS\system32\slserv.exe
C:\Programme\Avast4\ashMaiSv.exe
C:\Programme\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Programme\Picasa\PicasaMediaDetector.exe
C:\Virus\AVG Anti-Spy 7.5\avgas.exe
C:\WINDOWS\System32\svchost.exe
C:\Virus\CounterSpy\SBCSTray.exe
C:\Programme\Palm Zire 71\HOTSYNC.EXE
C:\Programme\Opera\Opera.exe
C:\Virus\CounterSpy\Counterspy.exe
C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE
D:\Transfer\software\system\virus\diverse\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Programme\Picasa\PicasaMediaDetector
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Virus\AVG Anti-Spy 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SBCSTray] C:\Virus\CounterSpy\SBCSTray.exe
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\cmd.exe /c cd /d C:\ComboFix\ & Combobatch.bat
O4 - Startup: HotSync Manager.lnk = C:\Programme\Palm Zire 71\HOTSYNC.EXE
O4 - Global Startup: HotSync Manager.lnk = C:\Programme\Palm Zire 71\HOTSYNC.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O17 - HKLM\System\CCS\Services\Tcpip\..\{427C1D7A-B7A5-4EA6-B403-501F0496BF33}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE07DCF8-645B-4852-991B-123C27663993}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFDB77B1-CE6B-4F45-AAB4-9A02AA882666}: NameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{427C1D7A-B7A5-4EA6-B403-501F0496BF33}: NameServer = 192.168.2.1
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programme\AdAware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programme\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programme\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Virus\AVG Anti-Spy 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Virus\CounterSpy\SBCSSvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities\WinStylerThemeSvc.exe

BataAlexander 22.09.2007 17:10

Quote:

h**p://***ll.com/seriall/gsak_key.exe\keygen.exe
No wonder, you will probably have to help yourself here :daumenhoc

tutterchen 23.09.2007 13:19

Problem solved, system reinstalled.



Copyright ©2000-2025, Trojaner-Board

