"Warning! Windows has detected SPYWARE INSTALLED on your computer"----> HILFE!!! =(

*velocy*

Hi, habe diesen Virus/Trojaner, was auch immer, auf meinem PC und krieg ihn nicht weg.

Hijack Log File:
Logfile of HijackThis v1.98.2
Scan saved at 18:37:51, on 14.12.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\CloneCD\CloneCDTray.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\Software\software.exe
D:\Programme\CursorXP\CursorXP.exe
C:\WINDOWS\System32\d?dplay.exe
C:\Programme\GetRight\getright.exe
C:\Programme\Internet Explorer\iexplore.exe
D:\Programme\Hijack This\HijackThis.exe
C:\WINDOWS\System32\winpack.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\msvcr70.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.web--search.com/to.php?ID1=575&ID2=101037672&ID3=Jñ0ò&ID4=0&ID5={AFA26815-8048-4566-BB6D-44A48E02981A}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:1080
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Cls - {CF021F40-3E14-23A5-CBA2-7173706D1316} - C:\WINDOWS\System32\spm1316.dll (file missing)
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programme\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "D:\Programme\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [dlexport] C:\Programme\Windows Media Player\dlexport.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [sais] c:\programme\180solutions\sais.exe
O4 - HKLM\..\Run: [Software] C:\WINDOWS\System32\Software\software.exe
O4 - HKCU\..\Run: [CursorXP] D:\Programme\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [msvcr70] C:\WINDOWS\System32\msvcr70.exe
O4 - Startup: dat75.tmp
O4 - Startup: Stardock ObjectBar.lnk = D:\Programme\ObjectBar\ObjectBar.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Programme\GetRight\getright.exe
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O9 - Extra button: concept/design's onlineTV - {0A2AD22A-4E9E-4DC7-9C35-D512E9A289B5} - K:\Programme\onlineTV\onlineTV.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://c:\nosuch.mht!http://www.foxik.com/6/files.chm::/file.exe
O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
O16 - DPF: {22222222-2222-2222-2222-222222222222} - file://c:\x.cab
O16 - DPF: {4CF9DEDA-09B7-7F65-CE2D-46B16716E263} - http://82.179.166.72/1/rdgDE208.exe
O16 - DPF: {7D79C2C5-C982-492E-32B6-2FF1304B1139} - http://82.179.166.72/1/rdgDE208.exe
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2 (file missing)


habe ausserdem nen Bluescreen, der über den Active-Desktop überlappt, wo diese Meldung kommt:

Windows

Warning! Windows has detected SPYWARE INSTALLED on your computer.
What is Spyware, Adware and Malware?Spyware and Adware, also called 'Malware', are files made by publishers that allow them to snoop on your browsing activity, see what you purchase and send you 'pop-up' ads. They can slow down your PC, cause it to crash, record your credit card numbers and worse.
If you're like most Internet users, chances are you're probably infected with these files. Simply surfing the Internet, reading email, downloading music or other files can infect your PC without you knowing it.

* It is HIGHLY recommended to install protection from spyware

* Choose a good antispyware program and install it to protect your privacy

auf dieser Seite hab ich auch was gefunden: http://www.tas-independent-programming.com/

allerdings weis ich nmicht was ich sonst noch tun soll, nachdem ich die 3 Files gelöscht habe......kann mir wer helfen ????? =(((