Hey Leute ich wollte mal fragen was hier nicht passt an diesen Prozessen die sind von meinem vater seinem rechner nicht von mir deshalb wollte ich euch um rat bitten !!!! Bitte sagt mir was an diesen Prozessen gefixt gehöhrt !!!

Mfg Warrior

Logfile of HijackThis v1.98.2
Scan saved at 18:22:32, on 03.12.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
K:\WINDOWS\System32\smss.exe
K:\WINDOWS\system32\winlogon.exe
K:\WINDOWS\system32\services.exe
K:\WINDOWS\system32\lsass.exe
K:\WINDOWS\System32\Ati2evxx.exe
K:\WINDOWS\system32\svchost.exe
K:\WINDOWS\System32\svchost.exe
K:\WINDOWS\system32\spoolsv.exe
K:\Programme\AVPersonal\AVGUARD.EXE
K:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
K:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
K:\Programme\AVPersonal\AVWUPSRV.EXE
K:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
K:\WINDOWS\system32\Ati2evxx.exe
K:\WINDOWS\Explorer.EXE
K:\Programme\cFosSpeed\spd.exe
K:\WINDOWS\System32\GEARSec.exe
K:\Programme\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
K:\WINDOWS\System32\svchost.exe
K:\Programme\HHVcdV6Sys\VC6SecS.exe
K:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
K:\PROGRA~1\T-DSLS~1\SpeedMgr.exe
K:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
K:\PROGRA~1\Grisoft\AVG7\avgcc.exe
G:\ZEITGE~1\Zeitgeist.exe
K:\Programme\Symantec\Norton Ghost\Agent\GhostTray.exe
K:\Programme\SlySoft\AnyDVD\AnyDVD.exe
K:\WINDOWS\system32\rundll32.exe
K:\Programme\Gemeinsame Dateien\ACD Systems\DE\DevDetect.exe
K:\Programme\AVPersonal\AVGNT.EXE
K:\Programme\SlySoft\CloneCD\CloneCDTray.exe
K:\Programme\cFosSpeed\cFos_Speed.exe
K:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
K:\Programme\Rainlendar\Rainlendar.exe
K:\Programme\Webshots\webshots.scr
K:\Programme\T-DSL SpeedManager\tsmsvc.exe
K:\Programme\MSN Messenger\msnmsgr.exe
K:\Programme\ICQLite\ICQLite.exe
K:\WINDOWS\System32\rsvp.exe
K:\totalcmd\TOTALCMD.EXE
K:\Programme\ACD Systems\ACDSee\7.0\ACDSee7.exe
K:\Programme\WinRAR\WinRAR.exe
K:\DOKUME~1\werni\LOKALE~1\Temp\Rar$EX00.157\HjackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.news.at/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Inode
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6291957C-8CE9-4c90-BEFF-12D9E68CFF30} - K:\Programme\MoreGoogle\MoreGoogle.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - K:\Programme\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - k:\programme\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - K:\Programme\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - K:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - k:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] K:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HPHUPD04] "K:\Programme\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "K:\PROGRA~1\T-DSLS~1\SpeedMgr.exe"
O4 - HKLM\..\Run: [Zone Labs Client] K:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ATIPTA] K:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVG7_CC] K:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zeitgeist] G:\ZEITGE~1\Zeitgeist.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] K:\Programme\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [AnyDVD] K:\Programme\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [AVGCtrl] K:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [CloneCDTray] "K:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [cFosSpeed] K:\Programme\cFosSpeed\cFos_Speed.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] K:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Rainlendar.lnk = K:\Programme\Rainlendar\Rainlendar.exe
O4 - Startup: Webshots.lnk = K:\Programme\Webshots\Launcher.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Google Search - res://K:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Alles mit FlashGet laden - K:\Programme\FlashGet\jc_all.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://K:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Mit FlashGet laden - K:\Programme\FlashGet\jc_link.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://K:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: RF - &Formular speichern - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF - &Menü anpassen - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF - Formular ausf&üllen - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Senden an &Bluetooth - K:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verweisseiten - res://K:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://K:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: RF - Formular ausf&üllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: RF - &Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF - RoboForm-&Leiste - {724d43aa-0d85-11d4-9908-00400523e39a} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - K:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - K:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - K:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - K:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - K:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\Programme\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\Programme\FlashGet\flashget.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - K:\Programme\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {5AAB5056-8342-45DE-AE4B-41779DC522D1} - K:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {5AAB5056-8342-45DE-AE4B-41779DC522D1} - K:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/12c39bcf...dxIE601_de.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1099681333139
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9DCC30D-090B-4C6C-BE3A-AAD61D79147D}: NameServer = 195.58.160.2 195.58.161.3
O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - (no file)

Hallo,

fixe diese Einträge:
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe
O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - (no file)

Laufen die beiden Guards von AVG und AntiVir zeitgleich?

Überprüfe mal folgende Dateien bei http://virusscan.jotti.org/de
und poste das Ergebnis:
K:\WINDOWS\System32\rsvp.exe

Mein Vater hat jewtzt diese einträge gefixt passen die jetzt ???

Logfile of HijackThis v1.98.2
Scan saved at 19:32:31, on 03.12.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
K:\WINDOWS\System32\smss.exe
K:\WINDOWS\system32\winlogon.exe
K:\WINDOWS\system32\services.exe
K:\WINDOWS\system32\lsass.exe
K:\WINDOWS\System32\Ati2evxx.exe
K:\WINDOWS\system32\svchost.exe
K:\WINDOWS\System32\svchost.exe
K:\WINDOWS\system32\spoolsv.exe
K:\Programme\AVPersonal\AVGUARD.EXE
K:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
K:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
K:\Programme\AVPersonal\AVWUPSRV.EXE
K:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
K:\WINDOWS\system32\Ati2evxx.exe
K:\WINDOWS\Explorer.EXE
K:\Programme\cFosSpeed\spd.exe
K:\WINDOWS\System32\GEARSec.exe
K:\Programme\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
K:\WINDOWS\System32\svchost.exe
K:\Programme\HHVcdV6Sys\VC6SecS.exe
K:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
K:\PROGRA~1\T-DSLS~1\SpeedMgr.exe
K:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
K:\PROGRA~1\Grisoft\AVG7\avgcc.exe
G:\ZEITGE~1\Zeitgeist.exe
K:\Programme\Symantec\Norton Ghost\Agent\GhostTray.exe
K:\Programme\SlySoft\AnyDVD\AnyDVD.exe
K:\WINDOWS\system32\rundll32.exe
K:\Programme\Gemeinsame Dateien\ACD Systems\DE\DevDetect.exe
K:\Programme\AVPersonal\AVGNT.EXE
K:\Programme\SlySoft\CloneCD\CloneCDTray.exe
K:\Programme\cFosSpeed\cFos_Speed.exe
K:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
K:\Programme\Rainlendar\Rainlendar.exe
K:\Programme\Webshots\webshots.scr
K:\Programme\T-DSL SpeedManager\tsmsvc.exe
K:\Programme\MSN Messenger\msnmsgr.exe
K:\Programme\ICQLite\ICQLite.exe
K:\WINDOWS\System32\rsvp.exe
K:\totalcmd\TOTALCMD.EXE
K:\WINDOWS\System32\msiexec.exe
K:\DOKUME~1\werni\LOKALE~1\Temp\_tc\HjackThis\HijackThis.exe
K:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.news.at/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir...r=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Inode
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6291957C-8CE9-4c90-BEFF-12D9E68CFF30} - K:\Programme\MoreGoogle\MoreGoogle.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - K:\Programme\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - k:\programme\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - K:\Programme\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - K:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - k:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] K:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HPHUPD04] "K:\Programme\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "K:\PROGRA~1\T-DSLS~1\SpeedMgr.exe"
O4 - HKLM\..\Run: [Zone Labs Client] K:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ATIPTA] K:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVG7_CC] K:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zeitgeist] G:\ZEITGE~1\Zeitgeist.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] K:\Programme\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [AnyDVD] K:\Programme\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [AVGCtrl] K:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [CloneCDTray] "K:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [cFosSpeed] K:\Programme\cFosSpeed\cFos_Speed.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] K:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Rainlendar.lnk = K:\Programme\Rainlendar\Rainlendar.exe
O4 - Startup: Webshots.lnk = K:\Programme\Webshots\Launcher.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Google Search - res://K:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Alles mit FlashGet laden - K:\Programme\FlashGet\jc_all.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://K:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Mit FlashGet laden - K:\Programme\FlashGet\jc_link.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://K:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: RF - &Formular speichern - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: RF - &Menü anpassen - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF - Formular ausf&üllen - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Senden an &Bluetooth - K:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Verweisseiten - res://K:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://K:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: RF - Formular ausf&üllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: RF - &Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF - RoboForm-&Leiste - {724d43aa-0d85-11d4-9908-00400523e39a} - file://K:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - K:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - K:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - K:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - K:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - K:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\Programme\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - K:\Programme\FlashGet\flashget.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - K:\Programme\IrfanView\Ebay\Ebay.htm
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/12c39bcf...dxIE601_de.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1099681333139
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9DCC30D-090B-4C6C-BE3A-AAD61D79147D}: NameServer = 195.58.160.2 195.58.161.3
O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - (no file)

Fixe noch dies:

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.130/e9xr2.chm::/file.exe
O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - (no file)


Beantworte die Fragen, die Cidre dir gestellt hat, sonst wirst du hier nicht geholfen.