Rechner nicht ganz sauber ..

#1 hallo ihr lieben

ich habe seit 2 Tagen folgendes Problem

nach ( versehentlicher -.- ) windows updaterei spinnt mein PC

1. Programme funktioniern nicht mehr (icq MSN windows mediaplayer..)
2. Es lässt sich nichts mehr installieren.. kriege häufiger die fehlermeldung:

Fehler 2849. interner Fehler 2894. 126

3. AVG findet nichts ..

#2 Abarbeiten:

http://board.protecus.de/t23188.htm

#3 oook...

nach längerer Pause nun meine Logs :

1. Bei Combofix kackt der PC ab und Bluescreen während das Programm das logfile erstellen will

2. Hier is Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 18:13, on 2008-02-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\Dit.exe
C:\Programme\Gemeinsame Dateien\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\lcdmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDClock.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\mmc.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Eigene Datein\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fritz.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.versatel.de/internet-cd/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Programme\Gemeinsame Dateien\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Programme\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - D:\Online\partypoker\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - D:\Online\partypoker\PartyPokerNet\RunPF.exe (file missing)
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.de
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.johannrain-softwareentwicklung.de/DE/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143388806421
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{07119AB0-4AC1-4F29-8BC2-AB399EC0F2FB}: NameServer = 217.237.151.51,217.237.149.205
O17 - HKLM\System\CS3\Services\Tcpip\..\{07119AB0-4AC1-4F29-8BC2-AB399EC0F2FB}: NameServer = 217.237.151.51,217.237.149.205
O17 - HKLM\System\CS4\Services\Tcpip\..\{07119AB0-4AC1-4F29-8BC2-AB399EC0F2FB}: NameServer = 217.237.151.51,217.237.149.205
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Media Connect (WMC) (WmcCds) - Unknown owner - c:\programme\windows media connect\mswmccds.exe (file missing)
O23 - Service: Windows Media Connect-Hilfsprogramm (WmcCdsLs) - Unknown owner - C:\Programme\Windows Media Connect\mswmcls.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe





und hier Datfind :

.
.
Bitte nur die Eintraege der letzten 3 Monate pro Ordner posten
.
.
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\WINDOWS\system32

2008-02-06 17:38 2,206 wpa.dbl
2008-02-06 17:38 55,080 vsconfig.xml
2008-02-06 17:37 88,148 nvapps.xml
2008-02-02 14:50 378,446 perfh009.dat
2008-02-02 14:50 389,568 perfh007.dat
2008-02-02 14:50 52,184 perfc009.dat
2008-02-02 14:50 63,176 perfc007.dat
2008-02-02 14:50 886,130 PerfStringBackup.INI
2007-12-30 12:28 302,032 FNTCACHE.DAT
2007-12-30 12:24 138,738 TZLog.log
2007-12-02 15:00 18,684,536 MRT.exe

.
.
.
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\DOKUME~1\JORDI\LOKALE~1\Temp

2008-02-06 18:17 112,247 datfind.txt
2008-02-06 18:15 32,768 ~DFD809.tmp
2008-02-06 18:13 16,384 ~DF3206.tmp
2008-02-06 18:12 211,254 a9d9_appcompat.txt
2008-02-06 18:12 211,254 83e1_appcompat.txt
2008-02-06 17:37 16,384 Perflib_Perfdata_218.dat
2008-02-05 18:19 16,384 ~DF8051.tmp
2008-02-05 17:41 32,768 ~DF305C.tmp
2008-02-04 16:51 30,616 5c8e_appcompat.txt
2008-02-04 16:51 16,384 ~DF36F4.tmp
2008-02-04 16:51 16,384 ~DF36CF.tmp
2008-02-04 16:51 16,384 ~DF3719.tmp
2008-02-04 16:51 16,384 ~DF36AA.tmp
2008-02-04 16:33 16,384 ~DFF0B6.tmp
2008-02-04 14:40 0 azw2A.tmp
2008-02-04 14:34 0 txp15.tmp
2008-02-04 14:11 40,500 47f4_appcompat.txt
2008-02-04 13:51 32,768 ~DF54A5.tmp
18 Datei(en) 835,247 Bytes
0 Verzeichnis(se), 44,746,932,224 Bytes frei
.
.
.
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\WINDOWS

2008-02-06 18:15 1,082,836 WindowsUpdate.log
2008-02-06 18:15 262,986 setupapi.log
2008-02-06 17:38 0 0.log
2008-02-06 17:38 4,568 ModemLog_Creatix V.92 Data Fax Modem.txt
2008-02-06 17:37 50 wiaservc.log
2008-02-06 17:37 159 wiadebug.log
2008-02-06 17:37 2,048 bootstat.dat
2008-02-05 23:01 32,536 SchedLgU.Txt
2008-02-03 18:57 227 system.ini
2008-01-26 19:01 322,853 Directx.log
2008-01-26 19:00 255,856 comsetup.log
2008-01-26 19:00 124,636 iis6.log
2008-01-26 19:00 1,374 imsins.log
2008-01-26 19:00 6,075 WIC.log
2008-01-26 19:00 43,117 ocmsn.log
2008-01-26 19:00 304,493 tsoc.log
2008-01-26 19:00 156,762 ntdtcsetup.log
2008-01-26 19:00 39,319 msgsocm.log
2008-01-26 19:00 383,991 ocgen.log
2008-01-26 19:00 775,572 FaxSetup.log
2008-01-13 16:59 91,548 ntbtlog.txt
2008-01-02 17:27 717 win.ini
2008-01-02 17:16 65,385 KB893803v2.log
2008-01-02 17:05 877 MSI30-KB884016.log
2008-01-02 16:30 1,084,218 setupapi.log.0.old
2008-01-01 23:51 1,056 setupact.log
2008-01-01 17:17 196,919 wmsetup.log
2007-12-30 18:12 50,208 KB892130.log
2007-12-30 14:59 20,260 DPINST.LOG
2007-12-30 12:27 1,393 imsins.BAK
2007-12-30 12:27 38,187 KB927779.log
2007-12-30 12:27 80,964 updspapi.log
2007-12-30 12:27 35,185 KB927802.log
2007-12-30 12:26 27,495 KB943460.log
2007-12-30 12:26 34,164 KB928255.log
2007-12-30 12:26 34,802 KB931784.log
2007-12-30 12:26 22,833 KB923723.log
2007-12-30 12:26 25,338 KB933729.log
2007-12-30 12:26 31,737 KB936021.log
2007-12-30 12:26 30,919 KB938828.log
2007-12-30 12:26 24,678 KB927891.log
2007-12-30 12:26 35,033 KB921503.log
2007-12-30 12:26 35,393 KB938829.log
2007-12-30 12:25 35,236 KB925902.log
2007-12-30 12:24 31,451 KB926436.log
2007-12-30 12:24 43,541 KB942763.log
2007-12-30 12:24 31,763 KB930178.log
2007-12-30 12:23 76,172 KB941569.log
2007-12-30 12:23 38,250 KB932168.log
2007-12-30 12:23 47,620 KB942615-IE7.log
2007-12-30 12:23 9,650 KB939683.log
2007-12-30 11:06 13,413 KB924667.log
2007-12-30 11:06 15,609 KB931261.log
2007-12-30 11:06 15,445 KB936357.log
2007-12-30 11:04 57,973 spupdsvc.log
2007-12-30 01:54 16,408 KB941202.log
2007-12-30 01:54 16,612 KB918118.log
2007-12-30 01:54 16,408 KB941568.log
2007-12-30 01:54 11,785 KB929399.log
2007-12-30 01:53 16,549 KB935840.log
2007-12-30 01:53 16,375 KB930916.log
2007-12-30 01:52 16,988 KB938127-IE7.log
2007-12-30 01:52 289,020 msxml4-KB936181-enu.LOG
2007-12-30 01:52 16,192 KB935839.log
2007-12-30 01:52 11,071 KB936782.log
2007-12-30 01:51 16,289 KB944653.log
2007-12-30 01:51 15,855 KB928843.log
2007-12-30 01:50 6,435 KB929123.log
2007-12-20 16:48 202 NeroDigital.ini
2007-12-10 23:29 498,992 Kenny vs Spenny.scr
2007-11-30 19:25 1,567 DIFx.log


Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\WINDOWS\temp

2008-02-06 17:38 409 WGANotify.settings
2008-02-06 17:37 256 ZLT07063.TMP
2008-02-06 17:37 256 ZLT07056.TMP
2008-02-06 17:37 255 WGAErrLog.txt
2008-02-04 13:32 0 T30DebugLogFile.txt
5 Datei(en) 1,176 Bytes
0 Verzeichnis(se), 44,746,915,840 Bytes frei
.
.
.
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\WINDOWS\Downloaded Program Files

2008-01-02 05:04 327,451 vet.da1
2007-11-19 01:18 13,076,520 vet.dat
2007-10-21 21:40 2,305 kavwebscan.inf
2007-10-15 10:11 320 wlscBase.inf
2007-10-15 10:02 465,472 wlscBase.dll




Hoffe das bringt euch meinem Problem schon etwas näher..
danke schonmal im vorraus


Gummiwurst

#4 Hallo Gummiwurst.

1.
lade
LSPfix - schreibe mir, welche dll du rechts oder links vorfindest.
http://www.spychecker.com/program/lspfix.html

der Winsock von deinem Rechner ist mit webhancer verseucht ..

----

2.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint

Zitat

cd\
dir "C:\WINDOWS\Downloaded Program Files" >>files.txt
dir "C:\Programme\Common Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%" >>files.txt
dir "C:\Program Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temporary Internet Files\Content.IE5" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temp" >>files.txt
dir "C:\WINDOWS\Temp" >>files.txt
dir "C:\Temp" >>files.txt
dir "C:\Programme" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten" >>files.txt
dir "C:\Programme\Gemeinsame Dateien" >>files.txt
dir "C:\Windows\tasks" >>files.txt
notepad files.txt

__________
Gruss
Pinguin

bin dabei, meine Seite + Proggies zu aktualisieren: http://www.virus-protect.org/

#5 danke erstmal für die schnelle antwort

hier erstma die files von LSP- fix

Links :

mswsock.dll TCP / IP
winrnr.dll NTDS
webhdll.dll (Protocol handler)
rsvpsp.dll (Protocol handler)

Rechts ist keinerlei Datei zu sehn.


hier ist der listen.bat auswurf. :

Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\WINDOWS\Downloaded Program Files

2007-03-07 00:59 300,680 arclib.dll
2004-12-07 16:07 32 bdcore.dll
2005-03-01 14:08 118,784 bdupd.dll
2007-03-28 10:06 541 ca.pub
2007-05-07 16:38 500,120 daas_s.dll
2005-02-09 15:54 1,271 erma.inf
2007-05-07 16:39 192,920 fsauc.dll
2007-05-07 16:39 254,360 fscax.dll
2007-04-13 15:52 482 fscax.inf
2005-03-01 14:08 53,248 ipsupd.dll
2005-11-10 13:05 876 jinstall-1_5_0_06.inf
2007-10-21 21:40 2,305 kavwebscan.inf
2005-03-09 15:34 7,225 lang.ini
2004-12-07 16:07 32 libfn.dll
2005-03-02 13:43 126 live.ini
2007-02-22 22:41 304,544 MessengerStatsPAClient.dll
2005-01-17 17:09 227 opuc.inf
2005-03-01 11:15 1,246 oscan8.inf
2005-03-09 15:40 475,136 oscan8.ocx
2005-03-09 15:44 7,276 scanoptions.tsi
2007-06-11 11:21 5,021 swflash.inf
2008-01-02 05:04 327,451 vet.da1
2007-11-19 01:18 13,076,520 vet.dat
2007-07-13 05:11 1,353,016 vete.dll
2006-11-20 12:02 180,282 webscan.dll
2006-07-21 12:55 477 webscan.inf
2007-10-15 10:02 465,472 wlscBase.dll
2007-10-15 10:11 320 wlscBase.inf
2005-05-26 03:19 291 wuweb.inf
29 Datei(en) 17,630,281 Bytes
0 Verzeichnis(se), 44,637,540,352 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Programme\Common Files

2007-03-20 20:30 <DIR> .
2007-03-20 20:30 <DIR> ..
2007-03-20 20:30 <DIR> Borland Shared
2005-03-15 15:18 <DIR> X10
0 Datei(en) 0 Bytes
4 Verzeichnis(se), 44,637,540,352 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Dokumente und Einstellungen\JORDI

2008-02-06 22:56 <DIR> .
2008-02-06 22:56 <DIR> ..
2006-07-29 18:42 0 00AF1470_kds.xml
2006-06-15 19:53 0 00AF1E48_kds.xml
2006-08-13 22:40 0 00AF1FE0_kds.xml
2006-08-14 10:06 0 00AF20B0_kds.xml
2006-07-25 10:52 0 00AF2528_kds.xml
2006-08-25 14:26 0 00AF7FA8_kds.xml
2006-08-21 13:22 0 00AF7FC0_kds.xml
2006-08-28 13:18 0 00AF80B0_kds.xml
2006-08-15 18:24 0 00AF84C8_kds.xml
2006-09-14 16:11 192 00AF8C20_kds.xml
2006-06-02 11:17 0 00B00400_kds.xml
2006-06-04 09:01 0 00B00C18_kds.xml
2006-05-10 15:14 192 00B14BC0_kds.xml
2006-05-10 21:16 0 00B14C50_kds.xml
2006-05-12 12:41 0 00B14CC8_kds.xml
2006-05-21 11:12 0 00B15268_kds.xml
2006-05-19 14:17 0 00B15408_kds.xml
2006-05-23 11:14 0 00B156D0_kds.xml
2006-05-23 17:18 0 00B15760_kds.xml
2006-05-23 23:29 0 00B15768_kds.xml
2006-05-24 08:30 0 00B157D8_kds.xml
2006-05-24 11:38 0 00B15850_kds.xml
2006-05-26 15:59 0 00B158A0_kds.xml
2006-05-29 13:03 0 00B15B88_kds.xml
2006-05-29 16:07 0 00B15BA8_kds.xml
2006-05-29 19:10 0 00B15BE8_kds.xml
2006-05-30 01:12 0 00B15C20_kds.xml
2006-05-29 22:10 0 00B15C50_kds.xml
2006-05-30 07:16 0 00B15C58_kds.xml
2006-05-30 04:14 0 00B15C98_kds.xml
2006-05-30 13:19 0 00B15CB8_kds.xml
2006-05-30 10:18 0 00B15CC8_kds.xml
2006-05-30 16:33 0 00B15D28_kds.xml
2006-06-02 08:17 0 00B15E48_kds.xml
2006-05-30 19:34 0 00B15EE0_kds.xml
2006-06-01 21:28 0 00B15FA0_kds.xml
2006-06-04 00:00 0 00B16080_kds.xml
2006-06-04 03:01 0 00B160E0_kds.xml
2006-06-05 09:03 0 00B16190_kds.xml
2006-06-05 15:04 0 00B161C8_kds.xml
2006-06-05 18:04 0 00B161F8_kds.xml
2006-06-05 21:05 0 00B16220_kds.xml
2006-06-06 12:19 0 00B16268_kds.xml
2006-06-07 09:45 0 00B16308_kds.xml
2006-06-06 21:21 0 00B16348_kds.xml
2006-06-07 15:45 0 00B16388_kds.xml
2006-06-08 12:32 0 00B16488_kds.xml
2006-06-09 08:23 0 00B164C0_kds.xml
2006-06-09 14:09 0 00B16520_kds.xml
2006-06-08 18:33 0 00B16588_kds.xml
2006-06-10 09:20 0 00B165D0_kds.xml
2006-06-08 21:34 0 00B165F8_kds.xml
2006-05-23 14:14 0 00B17198_kds.xml
2006-06-07 21:46 0 00B174F8_kds.xml
2006-06-07 12:45 0 00B178B0_kds.xml
2006-12-01 23:54 0 00B5CF78_kds.xml
2006-10-27 14:35 0 00B62410_kds.xml
2006-10-29 11:53 0 00B62440_kds.xml
2006-10-30 14:09 0 00B628D0_kds.xml
2006-10-29 20:15 0 00B62908_kds.xml
2006-10-20 15:18 0 00B62D88_kds.xml
2006-10-19 14:42 0 00B63AD8_kds.xml
2006-10-28 18:37 0 00B68268_kds.xml
2006-10-26 15:27 192 00B682C8_kds.xml
2006-10-30 22:09 0 00B68F28_kds.xml
2006-11-03 16:38 0 00B68F30_kds.xml
2006-10-27 22:35 0 00B69040_kds.xml
2006-11-19 10:16 0 00B69548_kds.xml
2006-11-11 18:14 0 00B695C0_kds.xml
2006-11-06 14:10 0 00B696A0_kds.xml
2006-11-13 18:08 0 00B69868_kds.xml
2006-11-05 19:35 0 00B698C0_kds.xml
2006-11-07 16:59 0 00B699C8_kds.xml
2006-11-27 06:48 0 00B69EE0_kds.xml
2006-11-29 15:21 0 00B6A000_kds.xml
2006-11-26 13:19 0 00B6AF88_kds.xml
2006-12-16 11:36 0 00D16E70_kds.xml
2006-12-19 16:22 0 00D73458_kds.xml
2007-01-02 12:37 0 00D74E48_kds.xml
2007-02-22 08:01 192 00D755B0_kds.xml
2007-03-29 07:15 0 00D757E0_kds.xml
2007-05-02 15:13 0 00D76430_kds.xml
2007-01-05 15:34 0 00D7A7B8_kds.xml
2007-01-10 15:27 0 00D7A9B0_kds.xml
2007-02-26 10:49 0 00D7B3E0_kds.xml
2007-03-06 17:35 0 00D7B968_kds.xml
2007-04-29 10:51 0 00D7C640_kds.xml
2007-04-14 15:30 0 00D7D008_kds.xml
2005-06-15 12:48 <DIR> Application Data
2006-12-01 14:48 <DIR> Contacts
2007-12-31 12:54 144 default.pls
2008-02-07 14:44 <DIR> Desktop
2007-11-07 16:42 <DIR> Eigene Dateien
2008-01-04 04:06 <DIR> Favoriten
2007-06-19 07:42 14 getfile.dat
2008-02-07 09:32 14,155,776 ntuser.dat
2006-10-26 14:33 <DIR> Phone Browser
2007-12-06 20:41 <DIR> Startmenü
2005-09-03 14:02 <DIR> WINDOWS
2007-06-19 08:06 3,136 x_dtrace_log
92 Datei(en) 14,159,838 Bytes
10 Verzeichnis(se), 44,637,536,256 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Program Files

2008-01-02 19:50 <DIR> .
2008-01-02 19:50 <DIR> ..
2006-05-31 13:36 <DIR> ICQLite
0 Datei(en) 0 Bytes
3 Verzeichnis(se), 44,637,536,256 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Dokumente und Einstellungen\JORDI\Lokale Einstellungen\Temporary Internet Files\Content.IE5

Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Dokumente und Einstellungen\JORDI\Lokale Einstellungen\Temp

2008-02-07 14:39 <DIR> .
2008-02-07 14:39 <DIR> ..
2008-02-04 14:11 40,500 47f4_appcompat.txt
2008-02-04 16:51 30,616 5c8e_appcompat.txt
2008-02-06 18:12 211,254 83e1_appcompat.txt
2008-02-06 18:12 211,254 a9d9_appcompat.txt
2008-02-04 14:40 0 azw2A.tmp
2008-02-06 18:17 130,060 datfind.txt
2008-02-07 09:10 0 fkw23.tmp
2008-02-07 09:03 0 g4y15.tmp
2008-02-06 18:11 <DIR> hsperfdata_JORDI
2008-02-07 14:29 16,384 Perflib_Perfdata_1c8.dat
2008-02-05 23:00 <DIR> plugtmp
2008-02-04 14:34 0 txp15.tmp
2008-02-04 23:44 <DIR> VBE
2008-02-07 14:29 <DIR> WPDNSE
2008-02-07 09:10 0 zd524.tmp
2008-02-07 08:56 32,768 ~DF157C.tmp
2008-02-05 17:41 32,768 ~DF305C.tmp
2008-02-04 16:51 16,384 ~DF36AA.tmp
2008-02-04 16:51 16,384 ~DF36CF.tmp
2008-02-04 16:51 16,384 ~DF36F4.tmp
2008-02-04 16:51 16,384 ~DF3719.tmp
2008-02-04 13:51 32,768 ~DF54A5.tmp
2008-02-05 18:19 16,384 ~DF8051.tmp
2008-02-07 14:33 32,768 ~DFA212.tmp
2008-02-06 18:15 32,768 ~DFD809.tmp
2008-02-04 16:33 16,384 ~DFF0B6.tmp
22 Datei(en) 902,212 Bytes
6 Verzeichnis(se), 44,637,532,160 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\WINDOWS\Temp

2008-02-07 14:29 <DIR> .
2008-02-07 14:29 <DIR> ..
2008-02-04 13:32 0 T30DebugLogFile.txt
2008-02-07 14:29 255 WGAErrLog.txt
2008-02-07 14:30 409 WGANotify.settings
2008-02-07 14:29 256 ZLT02e67.TMP
2008-02-07 14:29 256 ZLT02e6d.TMP
5 Datei(en) 1,176 Bytes
2 Verzeichnis(se), 44,637,532,160 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Temp

2007-06-13 20:49 <DIR> .
2007-06-13 20:49 <DIR> ..
2007-06-13 20:50 1,853 hamachi.log
1 Datei(en) 1,853 Bytes
2 Verzeichnis(se), 44,637,532,160 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Programme

2008-02-02 17:04 <DIR> .
2008-02-02 17:04 <DIR> ..
2005-03-14 18:13 <DIR> Adobe
2007-11-30 19:25 <DIR> AGEIA Technologies
2006-11-19 21:41 <DIR> Ahead
2006-11-24 16:21 <DIR> Alcohol Soft
2008-02-02 17:04 <DIR> Amplifier 2006 Ae
2007-02-15 19:20 <DIR> AntiVir PersonalEdition Classic
2007-06-29 16:48 <DIR> Artweaver 0.4
2006-01-15 16:30 <DIR> Audacity
2006-11-18 11:37 <DIR> Avira
2007-03-20 20:30 <DIR> Common Files
2005-03-14 17:59 <DIR> Create bootable flashcards
2005-03-15 15:18 <DIR> CyberLink
2006-10-26 07:38 <DIR> DIFX
2007-03-23 17:48 <DIR> DivX
2006-12-09 10:25 <DIR> Dolphin
2007-02-15 20:46 <DIR> EA SPORTS
2006-11-24 19:30 <DIR> Electronic Arts
2005-03-15 15:47 <DIR> Encarta
2006-10-26 14:22 <DIR> eRightSoft
2007-06-01 22:31 <DIR> FLVPlayer
2006-07-22 14:15 <DIR> Game Cam
2005-11-06 16:08 <DIR> GameSpy Arcade
2008-01-26 18:57 <DIR> Gemeinsame Dateien
2007-02-16 22:57 <DIR> Grisoft
2007-12-14 17:22 <DIR> Hamachi
2005-07-05 21:33 <DIR> HighMAT CD Writing Wizard
2005-03-15 15:18 <DIR> Home Cinema
2008-01-01 23:46 <DIR> ICQLite
2008-01-02 00:01 <DIR> Internet Explorer
2007-05-17 15:04 <DIR> Java
2007-12-10 23:29 <DIR> Kenny vs Spenny
2005-08-03 17:39 <DIR> Labtec
2007-04-22 13:21 <DIR> Logitech
2006-01-15 13:39 <DIR> Macromedia
2005-03-15 11:06 <DIR> Messenger
2005-03-14 17:07 <DIR> microsoft frontpage
2007-12-13 15:26 <DIR> Microsoft Office
2008-01-26 19:00 <DIR> Microsoft SQL Server Compact Edition
2007-12-13 15:26 <DIR> Microsoft Visual Studio
2007-12-13 15:26 <DIR> Microsoft Works
2005-03-15 15:33 <DIR> Microsoft Works Suite 2005
2007-12-13 15:25 <DIR> Microsoft.NET
2006-07-23 20:53 <DIR> Movie Maker
2008-02-07 14:34 <DIR> Mozilla Firefox
2007-12-13 15:26 <DIR> MSBuild
2005-03-14 17:04 <DIR> MSN Gaming Zone
2006-11-18 12:31 <DIR> MSXML 4.0
2005-12-25 14:57 <DIR> myMP3 4.0
2005-03-14 17:05 <DIR> NetMeeting
2006-10-26 07:38 <DIR> Nokia
2006-05-10 15:06 <DIR> OfficeUpdate11
2007-07-28 12:11 <DIR> OpenTTD
2006-12-13 18:00 <DIR> Outlook Express
2005-03-15 15:07 <DIR> QuickTime
2005-08-03 17:41 <DIR> Real
2008-01-13 17:03 <DIR> Security Task Manager
2007-11-12 16:07 <DIR> Skype
2007-07-01 10:58 <DIR> Solveig Multimedia
2007-12-17 20:44 <DIR> Steam
2006-05-10 15:06 <DIR> Studio 8
2006-05-01 12:35 <DIR> Teamspeak2_RC2
2005-06-11 09:40 <DIR> Theme MultiPatcher 3.0.4
2007-07-28 11:29 <DIR> Transport Tycoon
2007-12-31 14:33 <DIR> Trend Micro
2005-03-14 17:59 <DIR> USB Wireless Keyboard Driver
2007-10-06 13:50 <DIR> uTorrent
2007-02-16 15:54 <DIR> Versatel
2006-06-13 12:54 <DIR> VideoLAN
2007-07-01 11:10 <DIR> Videoschnitt
2008-01-02 20:32 <DIR> VirtualDJ
2007-09-20 18:22 <DIR> Visiosonic
2007-01-28 17:53 <DIR> Western Digital
2007-01-28 19:23 <DIR> Western Digital Technologies
2007-06-27 20:13 <DIR> Winamp
2008-01-26 19:01 <DIR> Windows Live
2008-01-02 18:14 <DIR> Windows Live Safety Center
2006-11-19 21:06 <DIR> Windows Media Connect 2
2006-11-19 21:06 <DIR> Windows Media Player
2005-03-14 17:04 <DIR> Windows NT
2006-04-20 22:04 <DIR> WinRAR
2006-05-22 08:42 <DIR> WoW Screenshot Manager
2005-03-15 15:18 <DIR> X10 Hardware
2005-03-14 17:07 <DIR> xerox
2006-05-09 12:16 <DIR> Zone Labs
0 Datei(en) 0 Bytes
86 Verzeichnis(se), 44,637,528,064 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Dokumente und Einstellungen\JORDI\Lokale Einstellungen\Anwendungsdaten

2005-09-28 15:22 <DIR> Adobe
2006-04-22 13:35 <DIR> Ahead
2008-01-02 18:11 <DIR> Apple Computer
2008-01-26 19:00 <DIR> ApplicationHistory
2007-12-28 15:08 140,288 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-07-22 17:10 138 fusioncache.dat
2007-12-30 12:30 82,416 GDIPFONTCACHEV1.DAT
2007-11-11 16:51 <DIR> Google
2005-09-16 13:30 <DIR> Help
2006-10-19 15:19 <DIR> Identities
2007-04-22 13:21 <DIR> Logitech
2006-01-15 13:39 <DIR> Macromedia
2008-02-02 14:50 <DIR> Microsoft
2007-12-13 15:22 <DIR> Microsoft Help
2007-03-01 17:47 <DIR> Mozilla
2007-10-25 10:14 <DIR> My Games
2005-06-08 18:59 <DIR> NFS Underground 2
2005-06-07 21:31 <DIR> Powercinema
2007-08-27 16:25 <DIR> Steam
2007-12-30 16:25 <DIR> The Weather Channel
2006-07-24 17:28 <DIR> WMTools Downloaded Files
2005-03-14 18:36 <DIR> {3248F0A6-6813-11D6-A77B-00B0D0150010}
3 Datei(en) 222,842 Bytes
19 Verzeichnis(se), 44,637,523,968 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Dokumente und Einstellungen\JORDI\Anwendungsdaten

2006-03-27 18:35 <DIR> Adobe
2006-03-28 19:27 <DIR> AdobeUM
2005-07-06 11:33 <DIR> Ahead
2005-06-07 19:25 <DIR> AOL
2007-06-16 20:45 <DIR> Artweaver
2005-09-04 20:01 <DIR> Atari
2008-01-27 09:57 <DIR> AVG7
2007-07-31 03:08 <DIR> BitTorrent
2007-01-21 20:41 <DIR> CDZilla
2006-04-03 13:22 110,375 Cosmos Prefs
2005-06-07 21:20 <DIR> CyberLink
2007-12-31 12:37 <DIR> dvdcss
2007-03-29 15:10 <DIR> fretsonfire
2007-10-21 18:31 62,032 GDIPFONTCACHEV1.DAT
2007-06-05 15:46 <DIR> Google
2008-01-04 03:54 <DIR> Hamachi
2005-09-16 13:30 <DIR> Help
2007-12-30 15:21 <DIR> ICQ
2006-10-30 16:11 <DIR> ICQ Toolbar
2006-03-27 14:26 <DIR> ICQLite
2005-03-14 17:13 <DIR> Identities
2007-10-25 08:26 <DIR> InstallShield
2007-11-30 19:34 <DIR> InstallShield Installation Information
2005-10-14 18:30 <DIR> Leadertech
2006-01-15 13:40 <DIR> Macromedia
2007-03-01 17:47 <DIR> Mozilla
2007-09-22 11:45 <DIR> My Games
2006-10-26 07:43 <DIR> Nokia
2006-11-01 07:35 <DIR> Nokia Multimedia Player
2006-10-26 07:38 <DIR> PC Suite
2007-11-11 16:52 <DIR> Real
2008-02-04 23:55 <DIR> Skype
2005-09-29 14:52 <DIR> Steinberg
2005-03-14 18:58 <DIR> Sun
2007-07-10 11:19 <DIR> teamspeak2
2007-12-09 15:44 <DIR> temp
2008-02-03 14:46 <DIR> uTorrent
2006-06-13 14:55 <DIR> vlc
2008-02-04 23:44 23,204 wklnhst.dat
3 Datei(en) 195,611 Bytes
36 Verzeichnis(se), 44,637,523,968 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten

2006-05-09 12:14 305 addr_file.html
2006-03-28 12:04 <DIR> Adobe
2005-03-15 15:27 <DIR> Ahead
2007-08-15 21:04 <DIR> AntiVir PersonalEdition Classic
2005-06-07 19:25 <DIR> AOL
2008-01-13 16:59 <DIR> avg7
2005-03-15 15:18 <DIR> CyberLink
2007-02-16 22:57 <DIR> Grisoft
2008-01-01 17:17 <DIR> Kaspersky Lab
2006-01-15 13:40 <DIR> Macrovision
2007-12-30 12:24 <DIR> Microsoft Help
2005-06-08 19:22 <DIR> nView_Profiles
2006-10-26 07:38 <DIR> PC Suite
2005-06-11 09:26 <DIR> QuickTime
2005-03-14 18:57 <DIR> SBSI
2008-01-02 19:42 <DIR> SecTaskMan
2007-11-12 16:07 <DIR> Skype
2007-02-16 16:01 <DIR> TEMP
2005-03-15 15:13 <DIR> Viewpoint
2006-07-21 09:57 <DIR> Windows Genuine Advantage
2008-01-26 18:57 <DIR> WLInstaller
1 Datei(en) 305 Bytes
20 Verzeichnis(se), 44,637,523,968 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Programme\Gemeinsame Dateien

2008-01-26 18:57 <DIR> .
2008-01-26 18:57 <DIR> ..
2005-03-14 18:18 <DIR> Adobe
2005-03-15 15:29 <DIR> Ahead
2006-05-10 15:06 <DIR> aol
2007-08-16 09:26 <DIR> Blizzard Entertainment
2007-12-13 15:26 <DIR> DESIGNER
2005-03-14 17:05 <DIR> Dienste
2005-06-08 18:59 <DIR> DirectX
2005-09-28 15:20 <DIR> InstallShield
2005-03-14 18:37 <DIR> Java
2007-04-22 13:21 <DIR> Logitech
2006-01-15 13:39 <DIR> Macromedia
2006-01-15 13:40 <DIR> Macromedia Shared
2007-12-13 15:31 <DIR> Microsoft Shared
2005-03-14 17:05 <DIR> MSSoap
2006-10-26 07:38 <DIR> Nokia
2005-03-15 15:13 <DIR> Nullsoft
2007-12-13 15:25 <DIR> ODBC
2006-10-26 07:38 <DIR> PCSuite
2007-11-11 16:51 <DIR> Real
2007-11-12 16:07 <DIR> Skype
2007-06-19 08:06 <DIR> Softwin
2007-07-01 10:58 <DIR> Solveig Multimedia
2005-03-14 16:59 <DIR> SpeechEngines
2007-12-13 15:31 <DIR> System
2005-09-29 14:53 <DIR> Totem Shared
2007-12-31 13:39 <DIR> Wise Installation Wizard
2007-11-11 16:51 <DIR> xing shared
0 Datei(en) 0 Bytes
29 Verzeichnis(se), 44,637,519,872 Bytes frei
Datenträger in Laufwerk C: ist System
Volumeseriennummer: EC19-C9AA

Verzeichnis von C:\Windows\tasks



vlt hilft das ja weiter..

Danke Die Gummiwurst

#6 Gummiwurst

LSPfix
http://www.spychecker.com/program/lspfix.html

- hake an: "I know what Im doing"

- und lösche die webhdll.dll (musst du die dll von links nach rechts bringen) + Remove

Anschließend auf den 'Finished' Button klicken. - Danach bitte den Rechner neu starten.

««
scanne mit Panda-Total-Scan + poste den scanreport
http://virus-protect.org/onlinescan.html
__________
Gruss
Pinguin

bin dabei, meine Seite + Proggies zu aktualisieren: http://www.virus-protect.org/

#7 1. hab ich gemacht..

2. ach so hatte ich vergessen zu erwähnen
Im internetexplorer kann ich nichts schreiben (ausnahme macht die zeile für die URL open)

da ich bei panda eine E-mail angeben muss geht das also nicht

kann ich alternativ dazu n anderen online Virenscanner durchlaufn lassn?


danke
greetz Gummiwurst

#8 ««
Download und auf dem Desktop entzippen:
http://virus-protect.org/zip/IEreg.zip
entzippen
Klicke: iereg.bat
PC neustarten und prüfen, ob der IE korrekt funktioniert

««
versuche es mal mit bitdefender
http://virus-protect.org/onlinescan.html
__________
Gruss
Pinguin

bin dabei, meine Seite + Proggies zu aktualisieren: http://www.virus-protect.org/

#9 hmm funktioniert leider noch nicht der internet explorer macht immer noch
nich das was es soll :/

also Panda kann ich noch nich durchlaufn lassn


greetz Gummiwurst

#10 Versuch es mal mit "Reset Internet Explorer Settings (RIES)"
http://support.microsoft.com/kb/923737/de
__________
MfG Argus

#11 hmm

also im IExplorer verweigert er mir den zugriff und meine ich solle mich an den admin wenden.

über systemsteuerung öffnet er internetoptionen auch nicht

werde es mal über den abgesicherten modus versuchen..

#12 «
lade
http://virus-protect.org/artikel/tools/sdfix.html

sdfix - im Normalmodus - RunThis.bat doppelt klicken - 1 : es wird a-squared geladen - scanne und poste hier den scanreport
__________
Gruss
Pinguin

bin dabei, meine Seite + Proggies zu aktualisieren: http://www.virus-protect.org/

#13 hier der report :


a-squared Command Line Scanner - Version 3.0
Last update: N/A

Scan settings:

Objects: Memory, Traces, Cookies, C:
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start: 2008-02-08 15:04:54

c:\programme\gemeinsame dateien\totem shared detected: Trace.Directory.ISTbar
c:\windows\webhdll.dll detected: Trace.File.WebHancer
Key: HKEY_CLASSES_ROOT\interface\{8ba2fe8d-8506-11d4-bfe2-cb5fed326646} detected: Trace.Registry.AceClubCasino
Key: HKEY_CLASSES_ROOT\interface\{8ba2fe8f-8506-11d4-bfe2-cb5fed326646} detected: Trace.Registry.AceClubCasino
Key: HKEY_CLASSES_ROOT\interface\{8ba2fe91-8506-11d4-bfe2-cb5fed326646} detected: Trace.Registry.AceClubCasino
c:\dokumente und einstellungen\all users\startmenü\programme\the weather channel detected: Trace.Directory.Desktop Weather
c:\programme\gamespy arcade detected: Trace.Directory.GameSpy Arcade
c:\windows\system32\sstunst3.exe detected: Trace.File.Tropical Sea Life Scenic Reflections Screen Saver
Value: HKEY_CURRENT_USER\Software\Elcom\Advanced RAR Password Recovery --> Installer Language detected: Trace.Registry.Advanced RAR Password Recovery
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Elcom\Advanced RAR Password Recovery --> InstallDir detected: Trace.Registry.Advanced RAR Password Recovery
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Elcom\Advanced RAR Password Recovery --> Stat param #1 detected: Trace.Registry.Advanced RAR Password Recovery
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Elcom\Advanced RAR Password Recovery --> Stat param #2 detected: Trace.Registry.Advanced RAR Password Recovery
Value: HKEY_CLASSES_ROOT\CLSID\{2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F}\InprocServer32 --> ThreadingModel detected: Trace.Registry.ClickSpring.Oinadserver
Value: HKEY_CURRENT_USER\Software\The Weather Channel\Apps\{04484283-6CDE-4374-A939-AB50B2481621} --> InstallDir detected: Trace.Registry.Desktop Weather
Value: HKEY_CURRENT_USER\Software\The Weather Channel\Apps\{04484283-6CDE-4374-A939-AB50B2481621} --> Version detected: Trace.Registry.Desktop Weather
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services --> DisplayName detected: Trace.Registry.Desktop Weather
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services --> UninstallString detected: Trace.Registry.Desktop Weather
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Download Accelerator Plus (DAP) --> Changed detected: Trace.Registry.Warez P2P Faster Accelerator
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Download Accelerator Plus (DAP) --> SlowInfoCache detected: Trace.Registry.Warez P2P Faster Accelerator
C:\Dokumente und Einstellungen\JORDI\Cookies\jordi@2o7[1].txt detected: Trace.TrackingCookie
C:\Dokumente und Einstellungen\JORDI\Cookies\jordi@adserver.71i[1].txt detected: Trace.TrackingCookie
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan\whiehlpr.dll.q_16C0A001_q detected: Adware.WebHancer
C:\pp\bin\win32\upx.exe detected: Backdoor.Win32.Ptakks.dr
C:\Programme\VirtualDJ\virtualdj.exe detected: Backdoor.Win32.Ciadoor.13

Scanned

Files: 189577
Traces: 161367
Cookies: 28
Processes: 43

Found

Files: 3
Traces: 19
Cookies: 2
Processes: 0

Quarantined

Files: 3
Traces: 16
Cookies: 2
Processes: 0

Scan end: 2008-02-08 16:14:45
Scan time: 1:09:51

greetz Gummiwurst

#14 Gummiwurst

c:\windows\webhdll.dll - die dll darf man nur mit dem LSPfix löschen, nicht manuell, weil sie im Winsock verankert ist .. bei manuellem löschen, kommst du nicht mehr ins net.

deshalb: zum überpruefen - poste bitte das neue Log vom HijackThis, mal sehen, ob die dll noch im Winsock ist...
__________
Gruss
Pinguin

bin dabei, meine Seite + Proggies zu aktualisieren: http://www.virus-protect.org/

#15 Logfile of HijackThis v1.99.1
Scan saved at 09:32, on 2008-02-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\Dit.exe
C:\Programme\Gemeinsame Dateien\Logitech\QCDriver2\LVCOMS.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\lcdmon.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDCountdown.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDClock.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\LCDMedia.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Versatel\Versatel.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Internet Explorer\iexplore.exe
D:\Eigene Datein\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fritz.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.versatel.de/internet-cd/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Programme\Gemeinsame Dateien\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\lcdmon.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Programme\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - D:\Online\partypoker\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - D:\Online\partypoker\PartyPokerNet\RunPF.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.de
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.johannrain-softwareentwicklung.de/DE/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143388806421
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{07119AB0-4AC1-4F29-8BC2-AB399EC0F2FB}: NameServer = 217.237.151.51,217.237.149.205
O17 - HKLM\System\CCS\Services\Tcpip\..\{C334A89A-EC08-4AE2-BEAD-D1BCF3222814}: NameServer = 82.144.41.8 62.220.18.8
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Media Connect (WMC) (WmcCds) - Unknown owner - c:\programme\windows media connect\mswmccds.exe (file missing)
O23 - Service: Windows Media Connect-Hilfsprogramm (WmcCdsLs) - Unknown owner - C:\Programme\Windows Media Connect\mswmcls.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe



hab die Webhdll egtl mit dem LSPfix gelöscht.
und LspFix zeigt sie auch nicht mehr an

hoffe ma sie ist weg..

greetz und danke
Gummiwurst