Trojaner-Board


zpiao 17.11.2004 21:31

dr/180solutions is plaguing my computer
 
Hello, my last hope,

I have a problem with Mr. dr/180solutions and have seen that you help people out. Here is my logfile from HijackThis. I hope you can help me. Please tell me what I have to fix to get rid of it, and what I have to install so that something like this doesn't happen to me again in the future. Thanks, thanks, thanks,.... PS: I had to cut a few things out of the mail because of the 10000-character limit...

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\vwddqmh.exe
C:\PROGRA~1\Save\Save.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Programme\CyberLink\PowerDVD\PowerDVD.exe
C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
C:\Programme\Hotbar\bin\4.5.1.0\WeatherOnTray.exe
C:\DOKUME~1\JRG~1\LOKALE~1\Temp\II22.exe
C:\programme\kiwi alpha\partner\saap.exe
C:\Programme\BullsEye Network\bin\bargains.exe
C:\windows\system32\ossproxy.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Hotbar\bin\4.5.1.0\HbInst.exe
C:\Programme\Messenger\msmsgs.exe
C:\PROGRA~1\CLOCKS~1\Sync.exe
C:\PROGRA~1\WEATHE~1\Weather.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\Hotbar\bin\4.5.1.0\HbSrv.exe
C:\Programme\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.spidersearch.com/frame_results.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.spidersearch.com/frame_results.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.spidersearch.com/frame_results.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.spidersearch.com/frame_results.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.spidersearch.com/frame_results.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.web.de/
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: TwaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll (file missing)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Programme\Hotbar\bin\4.5.1.0\HbHostIE.dll
O2 - BHO: CSBHO - {D14D6793-9B65-11D3-80B6-00500487BDBA} - C:\PROGRA~1\Comet\Bin\csbho.dll
O2 - BHO: ohb - {EB386233-65D7-46DC-A73D-0E02F2F844A9} - C:\WINDOWS\System32\winsps32.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O2 - BHO: BHObj Class - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem216.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: SpiderSearch.com Bar - {1D022C27-3771-4D1D-B1B7-1953E271C6CA} - C:\WINDOWS\System32\winsps32.dll
O3 - Toolbar: &Hotbar - {B195B3B3-8A05-11D3-97A4-0004ACA6948E} - C:\Programme\Hotbar\bin\4.5.1.0\HbHostIE.dll
O3 - Toolbar: Starware - {FE6BC4EF-5676-484B-88AE-883323913256} - C:\PROGRA~1\Comet\Bin\csietb.dll
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\GlobespanVirata\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe
O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\PINNAC~1\PPE\PPE.EXE
O4 - HKLM\..\Run: [dovgptnpzlr] C:\WINDOWS\System32\vwddqmh.exe
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Winsock2 driver] SYSREQ.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Programme\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [Media Services] C:\DOKUME~1\JRG~1\LOKALE~1\Temp\II22.exe.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programme\Hotbar\bin\4.5.1.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [UsbD] C:\DOKUME~1\JRG~1\LOKALE~1\Temp\II22.exe
O4 - HKLM\..\Run: [Microsoft Update] mssmgrd.exe
O4 - HKLM\..\Run: [saap] c:\programme\kiwi alpha\partner\saap.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Programme\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [OSS] c:\windows\system32\ossproxy.exe -boot
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [Hotbar] C:\Programme\Hotbar\bin\4.5.1.0\HbInst.exe /Upgrade
O4 - HKLM\..\RunServices: [Microsoft Update] mssmgrd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Internet Explorer Website Manager] C:\WINDOWS\SYSTEM32\iexplore32w.exe
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Microsoft Update] mssmgrd.exe
O4 - HKCU\..\Run: [WeatherCast] C:\PROGRA~1\WEATHE~1\Weather.exe /q
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxdm73137
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\Conceptronic\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Web Rebates - file://C:\Programme\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: MP3 - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\euro-libremp3-de\local.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Conceptronic\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Conceptronic\Bluetooth Software\btsendto_ie.htm
O16 - DPF: IEToolbarCab - http://www.dailytoolbar.com/DailyToolbar.CAB
O16 - DPF: {0107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {779B0B97BA} (vxiewer control) - http://www.thepaymentcentre.com/build/vxiewer.cab
O16 - DPF: {AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3.com/binarie...1026_EN_XP.cab
O16 - DPF: {12D27F78} (preload control) - http://www.thepaymentcentre.com/build/preload2.cab
O16 - DPF: {6D3AB3602} (vviewer control) - http://www.thepaymentcentre.com/build/vviewer.cab
O16 - DPF: {FC6E22741E} - http://akamai.downloadv3.com/binarie...ce_3_EN_XP.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...tup1.0.0.8.cab
O16 - DPF: {D99215851D} - http://akamai.downloadv3.com/binarie...ia32_EN_XP.cab
O16 - DPF: {05C0C03C87} - http://akamai.downloadv3.com/binarie...40_pack_XP.cab
O16 - DPF: {0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {DA18DE71} (RdxIE Class) - http://software-dl.real.com/30185180...dxIE601_de.cab
O16 - DPF: {74B289} (DialerWeb Class) - http://212.145.159.194/251065/dialer...ecomendada.cab
O16 - DPF: {F33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1093982879793
O16 - DPF: {4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/instal...sinstaller.cab
O16 - DPF: {AF880B7} (iiittt Class) - http://www.traffichog.com/toolbar2/winalot32.cab
O16 - DPF: {0F3CF37A} - http://akamai.downloadv3.com/binarie...35_pack_XP.cab
O16 - DPF: {E7CF0F58} (vcload) - http://secure.goodthinxx.com/vcloadgt.cab
O16 - DPF: {4CEDBDBD1} - http://akamai.downloadv3.com/binarie...pe32_EN_XP.cab
O16 - DPF: {C08EFC7B} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
O16 - DPF: {F5FA9C2A-530C-408A-BB68-F23AEE1E5E5E} (GoWorld Control) - http://download.buxomatic.com/access/goworldprof.cab
O16 - DPF: {FC87A650-207D-4392-A6A1-82ADBC56FA64} (MultiDist) - http://xbs.mtree.com/mt/dialers/fc/MultiDistFC.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA9AD0F4-2797-4604-B6C8-CC972F270889}: NameServer = 145.253.2.75 195.50.140.250

cronos 17.11.2004 21:33

Please don't shorten it;
rather split the log across 2 posts or upload the text file as an attachment.

Thanks

