Hey ,
danke , nicht nur die Virenmeldung ist weg , sondern unser altes Mädel ist noch richtig flott geworden ...
Danke für die wirklich gekonnte Hilfe...

Gotha

Der kann auch noch weg is wohln überbleibsel von directx installation

O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A

Gruß

Habe ich auch gelöscht, nochmals danke...

Gotha

Jupp kein problem...dafür is das Forum ja da

Gruß  

Hallo

habe ein ähnliches Problem. Könntet ihr mir auch helfen, kenne mich leider nicht so aus.
Hier meine Log-File:

Logfile of HijackThis v1.99.1
Scan saved at 20:53:15, on 12.05.2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\Programme\Iomega\AutoDisk\ADService.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Programme\Classic PhoneTools\CapFax.EXE
C:\Programme\FRITZ!DSL\Awatch.exe
C:\Programme\Iomega\AutoDisk\ADUserMon.exe
C:\Programme\Iomega\DriveIcons\ImgIcon.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\svcutils.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\estr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Dokumente und Einstellungen\Alex\Desktop\Antispyware\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aol.de/e60/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von AOL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\ANTISP~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\ANTISP~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: (no name) - {F876DFAE-7947-4E60-8857-FC9AA0E64791} - C:\WINDOWS\System32\fpmelj.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [CapFax] C:\Programme\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [AWatch] C:\Programme\FRITZ!DSL\Awatch.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programme\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ADUserMon] C:\Programme\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Programme\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Programme\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [o34i39P] svcutils.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\RunOnce: [Spyware Doctor] "C:\Programme\Antispyware\Spyware Doctor\swdoctor.exe" /C /FS /X
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Rlos] C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\estr.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\ANTISP~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: Microsoft AntiSpyware helper - {7375BF54-D9F0-41EE-A80A-07FF788CB409} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7375BF54-D9F0-41EE-A80A-07FF788CB409} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe
O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra button: MedionShop - {543CDDE7-DF47-47DD-9339-0B023AC5DCA8} - http://www.medionshop.de (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {7375BF54-D9F0-41EE-A80A-07FF788CB409} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7375BF54-D9F0-41EE-A80A-07FF788CB409} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.de/e60/
O15 - Trusted IP range: 67.19.185.246
O15 - Trusted IP range: 67.19.185.246 (HKLM)
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.1.3.21/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game4.pogo.com/applet-6.1.3.21/superbingo/superbingo-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.1.4.22/popfu/popfu-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://game.pogo.com/applet-5.8.4.24/squelchies/squelchies-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game4.pogo.com/applet-5.9.2.21/holdem/holdem-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.1.3.21/whackdown/whackdown-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game4.pogo.com/applet-5.8.6.20/worldclass/worldclass-ob-assets.cab
O16 - DPF: {11111111-1111-1111-1111-111111113457} - file://c:\explorer.cab
O16 - DPF: {1F831FA3-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Programme\AutoCAD 2002 Deu\InstFred.ocx
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.de/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-12.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday-Steuerung) - file://C:\Programme\AutoCAD 2002 Deu\AcDcToday.ocx
O16 - DPF: {AE563724-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Programme\AutoCAD 2002 Deu\InstBanr.ocx
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game19.zylomgames.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game11.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview-Steuerung) - file://C:\Programme\AutoCAD 2002 Deu\AcPreview.ocx
O16 - DPF: {FFFF0003-0001-101A-A3F9-0844A22F49F5} - http://www.3pic.com/usa_movie.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{DEFCB519-EEA2-493C-BBA6-EBBCC58658A9}: NameServer = 192.168.122.252,192.168.122.253
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ShowCenter Media Server - Pinnacle Systems - C:\Programme\Pinnacle\ShowCenter\MediaServer\MediaServer.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\PROGRA~1\T-DSLS~1\tsmsvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Programme\Iomega\AutoDisk\ADService.exe

Danke