Da fällt mir grad ein, hier mein hijackthis log:
Logfile of HijackThis v1.99.1
Scan saved at 23:58:19, on 08.10.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\LEXBCES.EXE
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\system32\LEXPPS.EXE
C:\WINDOWS.0\System32\netddesrv.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\Dit.exe
C:\WINDOWS.0\SOUNDMAN.EXE
C:\WINDOWS.0\System32\lssas.exe
C:\Programme\SurfAccuracy\SAcc.exe
C:\Programme\ICQLite\ICQLite.exe
C:\WINDOWS.0\System32\logon.exe
C:\WINDOWS.0\System32\csrs.exe
C:\Programme\Java\jre1.5.0_03\bin\jusched.exe
C:\luxor.exe
C:\Programme\winupdates\winupdates.exe
C:\WINDOWS.0\lwtdi.exe
C:\WINDOWS.0\elos.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\saes\cier.exe
C:\WINDOWS.0\System32\w?nspool.exe
C:\WINDOWS.0\system32\sistray.exe
C:\Programme\SpamPal\spampal.exe
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\WINDOWS.0\System32\scvhost.exe
C:\WINDOWS.0\System32\scvhost.exe
C:\Programme\Lavasoft\Ad-aware 6\Ad-aware.exe
C:\WINDOWS.0\System32\wuauclt.exe
C:\WINDOWS.0\System32\wpabaln.exe
C:\WINDOWS.0\System32\ms32.pif
C:\WINDOWS.0\etb\pokapoka75.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\ISTsvc\istsvc.exe
C:\Dokumente und Einstellungen\Tim\Desktop\HijackThis.exe
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.0\System32\msdxm.ocx
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS.0\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Configuration Loader] scvhost.exe
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS.0\System32\lssas.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Programme\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS.0\System32\logon.exe
O4 - HKLM\..\Run: [Windows Security] ms32.pif
O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS.0\System32\csrs.exe
O4 - HKLM\..\Run: [mouse] mouse.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [schost] C:\luxor.exe
O4 - HKLM\..\Run: [winupdates] C:\Programme\winupdates\winupdates.exe /auto
O4 - HKLM\..\Run: [AFuGFBO] C:\WINDOWS.0\lwtdi.exe
O4 - HKLM\..\Run: [elos] C:\WINDOWS.0\elos.exe
O4 - HKLM\..\Run: [IST Service] C:\Programme\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [System service75] C:\WINDOWS.0\etb\pokapoka75.exe
O4 - HKLM\..\RunServices: [Configuration Loader] scvhost.exe
O4 - HKLM\..\RunServices: [Windows Security] ms32.pif
O4 - HKLM\..\RunServices: [mouse] mouse.exe
O4 - HKLM\..\RunOnce: [Ad-aware] C:\Programme\Lavasoft\Ad-aware 6\Ad-aware.exe +b1
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.0\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] C:\Programme\Messenger\msmsgs.exe /background
O4 - HKCU\..\Run: [Windows Security] ms32.pif
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MsnMsgr] C:\Programme\MSN Messenger\MsnMsgr.Exe /background
O4 - HKCU\..\Run: [WISE-FTP Task Planner] C:\Programme\AceBIT\WISE-FTP 4\wf_tp.exe
O4 - HKCU\..\Run: [Rura] C:\Programme\saes\cier.exe -vt mt
O4 - HKCU\..\Run: [Jmqbh] C:\WINDOWS.0\System32\w?nspool.exe
O4 - HKCU\..\Run: [WinFixer 2005] C:\Programme\WinFixer 2005\WFX5.exe /scan
O4 - HKCU\..\RunServices: [Windows Security] ms32.pif
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Startup: SpamPal.lnk = C:\Programme\SpamPal\spampal.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS.0\system32\sistray.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra->Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone:
http://ny.contentmatch.net (HKLM)
O16 - DPF: v3cab -
http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {0D62A517-E7C6-4E1F-A577-07D4AC549A48} (Progetto1.int_ver32) -
http://advnt01.com/dialer/int_ver32b.CAB
O16 - DPF: {7149E79C-DC19-4C5E-A53C-A54DDF75EEE9} (IObjSafety.DemoCtl) -
http://cabs.media-motor.net/cabs/joysaver.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) -
http://www.tbcode.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} -
http://static.zangocash.com/cab/Zango/ie/bridge-c11.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19909FFD-51D4-4C14-9433-490AACA69FAD}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7B6DA9C-5B57-4797-B735-F99CA01B5841}: NameServer = 217.237.150.33 217.237.150.141
O17 - HKLM\System\CS1\Services\Tcpip\..\{19909FFD-51D4-4C14-9433-490AACA69FAD}: NameServer = 0.0.0.0
O17 - HKLM\System\CS2\Services\Tcpip\..\{19909FFD-51D4-4C14-9433-490AACA69FAD}: NameServer = 0.0.0.0
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\msgrapp.dll (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS.0\system32\LEXBCES.EXE
O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS.0\System32\netddesrv.exe