Trojaner-Board - Dmgyb.exe

Logfile of HijackThis v1.99.1
Scan saved at 22:13:33, on 16.01.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS.0\System32\smss.exe
E:\WINDOWS.0\system32\csrss.exe
E:\WINDOWS.0\system32\winlogon.exe
E:\WINDOWS.0\system32\services.exe
E:\WINDOWS.0\system32\lsass.exe
E:\WINDOWS.0\system32\svchost.exe
E:\WINDOWS.0\system32\svchost.exe
E:\Programme\TuneUpUtilities2006\WinStylerThemeSvc.exe
E:\WINDOWS.0\System32\svchost.exe
E:\WINDOWS.0\system32\svchost.exe
E:\WINDOWS.0\system32\svchost.exe
E:\WINDOWS.0\Explorer.EXE
E:\WINDOWS.0\system32\svchost.exe
E:\WINDOWS.0\system32\spoolsv.exe
E:\Programme\Alwil Software\Avast4\aswUpdSv.exe
E:\Programme\Alwil Software\Avast4\ashServ.exe
E:\Programme\avmwlanstick\WlanNetService.exe
E:\WINDOWS.0\system32\nvsvc32.exe
E:\Programme\CyberLink\Shared files\RichVideo.exe
E:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
E:\Programme\Alwil Software\Avast4\ashMaiSv.exe
E:\Programme\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS.0\System32\alg.exe
E:\WINDOWS.0\TBPanel.exe
E:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
E:\Programme\avmwlanstick\wlangui.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Programme\Trend Micro\Tmasy\Tmasy.exe
E:\WINDOWS.0\system32\wbem\wmiprvse.exe
E:\Programme\Internet Explorer\iexplore.exe
E:\Programme\WinRAR\WinRAR.exe
E:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\Rar$EX00.547\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shop.alcohol-soft.com/campain.php?campain=20nov_update120&forwardpage=http://www.alcohol-soft.com/landing.php
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Gainward] E:\WINDOWS.0\TBPanel.exe /A
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS.0\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LanguageShortcut] E:\Programme\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [AVMWlanClient] E:\Programme\avmwlanstick\wlangui.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [WinUpdate] "E:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\1572046.exe "
O4 - HKCU\..\Run: [WinUpgrade] "E:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\1572015.exe "
O4 - HKCU\..\Run: [WinMedia] E:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\1571968.exe
O4 - Startup: Trend Micro Anti-Spyware.lnk = E:\Programme\Trend Micro\Tmasy\Tmasy.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://E:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://god.t-online.de/download/ExentCtl.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{621C175F-3C2F-4908-A5D0-1B013C8BDAEF}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CCS\Services\Tcpip\..\{B27B003A-5982-4BBB-A066-9BDD781C48FF}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CCS\Services\Tcpip\..\{E35C1DF3-3F53-495B-B959-239721086034}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.77 85.255.112.159
O17 - HKLM\System\CS1\Services\Tcpip\..\{621C175F-3C2F-4908-A5D0-1B013C8BDAEF}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.77 85.255.112.159
O17 - HKLM\System\CS2\Services\Tcpip\..\{621C175F-3C2F-4908-A5D0-1B013C8BDAEF}: NameServer = 85.255.115.77,85.255.112.159
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.77 85.255.112.159
O21 - SSODL: CDRecorder029 - {A3BC5E20-0235-1ABF-9CE1-00AA00512029} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - E:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Programme\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Programme\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Programme\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Programme\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVM WLAN Connection Service - AVM Berlin - E:\Programme\avmwlanstick\WlanNetService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - E:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - E:\Programme\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - E:\Programme\TuneUpUtilities2006\WinStylerThemeSvc.exe

Ich hoffe du kannst damit was anfangen:confused: