
CiD ad pages

Hola, please help me out. For days now CID ad pages have been opening constantly, and it's annoying. I have already downloaded hijack and wanted to attach the scan, but it has too many characters, which isn't allowed. Please give me the simplest possible solution, since I have no idea about programming ??? and copied this step from others who have the same problem. But now I don't know what to do next.
Here in Mexico there are hardly any German speakers who can help me.
Many, many thanks in advance ;)

 



Replies to CiD ad pages:


Split the HijackThis log file across 2 posts.

Also run Malwarebytes and post the report here!
http://www.computerhilfen.de/info/anleitung-zum-loeschen-von-viren-und-trojanern.html

hijack:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
g:\archivos de programa\archivos comunes\logitech\lvmvfm\LVPrcSrv.exe
G:\Archivos de programa\Google\Update\1.2.183.7\GoogleCrashHandler.exe
G:\WINDOWS\Explorer.EXE
G:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40ST7.EXE
G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
G:\Archivos de programa\Java\jre6\bin\jqs.exe
G:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe
G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\Communications_Helper.exe
G:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe
G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\LVComSX.exe
G:\WINDOWS\system32\VTTimer.exe
G:\WINDOWS\system32\S3Trayp.exe
G:\Archivos de programa\CDBurnerXP\NMSAccessU.exe
G:\Archivos de programa\Winamp\winampa.exe
G:\Archivos de programa\Photodex\ProShow\ScsiAccess.exe
g:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe
G:\ARCHIV~1\AVG\AVG8\avgtray.exe
G:\Archivos de programa\Java\jre6\bin\jusched.exe
G:\WINDOWS\system32\winadm.exe
G:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
G:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
G:\WINDOWS\system32\svchost.exe
G:\ARCHIV~1\AVG\AVG8\avgrsx.exe
G:\ARCHIV~1\AVG\AVG8\avgnsx.exe
G:\Archivos de programa\UPHClean\uphclean.exe
G:\WINDOWS\system32\wbem\wmiapsrv.exe
G:\Archivos de programa\Logitech\QuickCam10\COCIManager.exe
G:\WINDOWS\system32\winadmd.exe
G:\Archivos de programa\Internet Explorer\iexplore.exe
G:\Archivos de programa\Internet Explorer\iexplore.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ig?hl=de&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: (no name) - *{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - G:\Archivos de programa\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - G:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - G:\Archivos de programa\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - G:\Archivos de programa\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - G:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - G:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - G:\Archivos de programa\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Archivos de programa\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - G:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - G:\Archivos de programa\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] G:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] G:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] G:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "G:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "G:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe
O4 - HKLM\..\Run: [HDAudDeck] G:\Archivos de programa\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [WinampAgent] "G:\Archivos de programa\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Archivos de programa\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] G:\ARCHIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [_winadm] G:\WINDOWS\system32\winadm.exe
O4 - HKLM\..\Run: [64 GLOBAL VIEW MAGS] G:\Documents and Settings\All Users\Datos de programa\Camp bows 64 global\creative file.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON TX100 Series] G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDL.EXE /FU "G:\WINDOWS\TEMP\E_S65.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [LDM] G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] G:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Else part] G:\DOCUME~1\Admin\DATOSD~1\LESS4A~1\antidog.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://G:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - G:\Archivos de programa\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Archivos de programa\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Archivos de programa\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: g:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://stream.web.de/mail/activex/mail_upload_11213.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CF3E6D7-131F-4488-B920-F5F68106069E}: NameServer = 10.102.2.129 200.33.188.1

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - G:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - G:\Archivos de programa\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\ARCHIV~1\ARCHIV~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: G:\WINDOWS\System32\icardie32.dll
O20 - Winlogon Notify: 50995df2638 - G:\WINDOWS\System32\icardie32.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - G:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - G:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Google Update Service (gupdate1c9827e75b51864) (gupdate1c9827e75b51864) - Google Inc. - G:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - G:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - G:\Archivos de programa\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - g:\archivos de programa\archivos comunes\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - G:\Archivos de programa\Archivos comunes\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NMSAccessU - Unknown owner - G:\Archivos de programa\CDBurnerXP\NMSAccessU.exe
O23 - Service: ScsiAccess - Unknown owner - G:\Archivos de programa\Photodex\ProShow\ScsiAccess.exe

 

Malwarebytes result:

Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2479
Windows 5.1.2600 Service Pack 3

22/07/2009 12:22:34
mbam-log-2009-07-22 (12-22-33).txt

Scan-Methode: Vollständiger Scan (G:\|H:\|)
Durchsuchte Objekte: 184304
Laufzeit: 40 minute(s), 5 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 108
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 20
Infizierte Dateien: 54

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c003f6ed (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:

Infizierte Dateien:
 

Hola, I scanned with Malwarebytes and once more with HijackThis and posted all the results here. Does that help? Muchísimas gracias and kind regards from Mexico  ::)

I would format and reinstall the system... change all passwords.

Quote
I would format and reinstall the system... change all passwords.

oO what for?

NOTHING serious in the system!

Repeat the Malwarebytes scan; if there are still findings, have them deleted.

Install a-squared Free -> run a Detail Scan -> delete the findings and post the report.

The worm is not active!

...if you say so, fine... for me there is too much in there, which doesn't have to mean anything; I'm happy to learn...


The adware "MyWebSearch" is nothing serious. It's a toolbar that just writes itself a bit deeper into the system.

And as we know, adware is anything but a reason to format.

So no reason to panic, everything is fine.

Not My Web Search, but

 

Quote
g:\WINDOWS\system32\systemx86\214.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\215.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\216.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.


is a reason to discontinue support.


Thanks for the pointer; I saw the malware, but not "Keygen,Serial".

 


While we're picking things apart:
Was the Logitech junk noticed too? For some inexplicable reason there is a lot of it in the log.
18 - Protocol: bw+0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

There are loads of this entry. That isn't normal, though.

Whether the system can be cleaned, I don't know. A clean reinstall may be quicker.

Hola chicos, thank you so much for all the pointers. I will try everything possible so that I don't have to reinstall, because that isn't so easy (where I bought the PC, everything was installed and no CDs were handed to me - Mexico); besides, I have a program, HOMEPAGEFIX, with which I created my homepage and of which I cannot make a backup copy, it simply doesn't work.
So, the Malwarebytes scan said that everything is OK, see
Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2479
Windows 5.1.2600 Service Pack 3

23/07/2009 19:32:46
mbam-log-2009-07-23 (19-32-46).txt

Scan-Methode: Vollständiger Scan (G:\|H:\|)
Durchsuchte Objekte: 182011
Laufzeit: 40 minute(s), 20 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Now on to step 2, kind regards  ;D


A note to Microsoft about the missing CDs should help. Microsoft's licence terms apply in Mexico too.
A CD could be provided in German, if that is enough.
Please clean up the autostart on this system; it looks dreadful.

Hola, I have now scanned with a-squared and am posting the result below. I think it's really great that you go to so much trouble to help me. A great big thank you  :-*

a-squared Free - Version 4.5
Letztes Update: 23/07/2009 21:41:11

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Speicher, Traces, Cookies, G:\, H:\
Archiv Scan: An
Heuristik: Aus
ADS Scan: An

Scan Beginn:   23/07/2009 21:43:55


Gescannt

Dateien:    172142
Traces:    701933
Cookies:    109
Prozesse:    53

Gefunden

Dateien:    41
Traces:    17
Cookies:    13
Prozesse:    1
Registry Keys:    0

Scan Ende:   23/07/2009 22:45:54
Scan Zeit:   1:01:59

 

Part 2:


Gelöscht

Dateien:    47
Traces:    18
Cookies:    13
 


Looking at that, all I can tell you is: format.

With all your filesharing crap, you've really caught yourself something!


Um, reinstalling is unfortunately not what the OP wants to read. So please serve bite-sized pieces, not the sledgehammer...


Unfortunately I can't help that either; I think we agree here, w2. Cleaning a system like this is pointless, and anyone who downloads illegal stuff has to expect this.

First of all, thanks to you all, it helped: after the many scan suggestions from ersguterjunge, no more CID pages are opening -  :D
In addition, I have set up a block via family-safety so that nobody here can download everything anymore; I hope the problem is solved with that....

GRACIAS and keep it up!!!


If you are lucky, nothing more will happen and the most important things were deleted. If you are unlucky, your system will be changed more and more without you noticing.

The risk remains high.

Thanks for the feedback anyway.

Regards, Deniz

Scan with a LiveCD .....
http://www.freedrweb.com/livecd/

It is only up to date on the day of download!!

Then back up your data immediately....
That way you have gained time.....

But the Banker has already been seen.
Keygens, cracks etc. are for nothing other than foisting malware on you.

Format your computer, and if you have done online banking, keep an eye on your account or get in touch with your bank.

 

Quote
If you are lucky, nothing more will happen and the most important things were deleted. If you are unlucky, your system will be changed more and more without you noticing.
And if he is even luckier, there are still active rootkits around.
A statement like that wouldn't lead me to format either.

G:\Archivos de programa\OnlineHelpConsole\InfoView.exe    gefunden: Trojan-Banker.Win32.Banker!IK
G:\RECYCLER\S-1-5-21-1606980848-1592454029-725345543-1011\Dg2.rar/Kinto Sol - Illegales.wma    gefunden: Trojan-Downloader.WMA.Wim!IK

Do yourself the favor.
No help is given for illegal data.
