Computerhilfen.de Logo
Forum
Tipps
News
Frage stellen

CiD Werbeseiten

hola, bitte helft mir weiter - seit tagen oeffnen sich staendig CID-Werbeseiten, das nervt. habe schon
hijack geladen, wollte den scan anhaengen, aber das sind zuviele zeichen, nicht erlaubt. bitte eine moeglichst einfache loesung, da ich keinerlei ahnung von programmierung habe  ??? und diesen schritt mir von anderen, die das gleiche problem haben, abgesehen habe. aber jetzt weiss ich nicht mehr weiter.
hier in mexico gibt es kaum deutschsprachige, die mir weiterhelfen koennen.
vielen, vielen dank im voraus  ;)

 



Antworten zu CiD Werbeseiten:

Hat dir diese Antwort geholfen?

Danke ButtonHilfreiche Antwort Button

Teile das Hijackthis Logfile auf 2 Beiträge auf.

Außerdem wende Malwarebytes an, Report hier posten!
http://www.computerhilfen.de/info/anleitung-zum-loeschen-von-viren-und-trojanern.html

hijck:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
g:\archivos de programa\archivos comunes\logitech\lvmvfm\LVPrcSrv.exe
G:\Archivos de programa\Google\Update\1.2.183.7\GoogleCrashHandler.exe
G:\WINDOWS\Explorer.EXE
G:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40ST7.EXE
G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
G:\Archivos de programa\Java\jre6\bin\jqs.exe
G:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe
G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\Communications_Helper.exe
G:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe
G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\LVComSX.exe
G:\WINDOWS\system32\VTTimer.exe
G:\WINDOWS\system32\S3Trayp.exe
G:\Archivos de programa\CDBurnerXP\NMSAccessU.exe
G:\Archivos de programa\Winamp\winampa.exe
G:\Archivos de programa\Photodex\ProShow\ScsiAccess.exe
g:\Archivos de programa\Microsoft SQL Server\90\Shared\sqlwriter.exe
G:\ARCHIV~1\AVG\AVG8\avgtray.exe
G:\Archivos de programa\Java\jre6\bin\jusched.exe
G:\WINDOWS\system32\winadm.exe
G:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
G:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
G:\Archivos de programa\Internet Explorer\IEXPLORE.EXE
G:\WINDOWS\system32\svchost.exe
G:\ARCHIV~1\AVG\AVG8\avgrsx.exe
G:\ARCHIV~1\AVG\AVG8\avgnsx.exe
G:\Archivos de programa\UPHClean\uphclean.exe
G:\WINDOWS\system32\wbem\wmiapsrv.exe
G:\Archivos de programa\Logitech\QuickCam10\COCIManager.exe
G:\WINDOWS\system32\winadmd.exe
G:\Archivos de programa\Internet Explorer\iexplore.exe
G:\Archivos de programa\Internet Explorer\iexplore.exe
G:\WINDOWS\system32\wuauclt.exe
G:\Archivos de programa\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ig?hl=de&source=iglk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
R3 - URLSearchHook: (no name) - *{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - G:\Archivos de programa\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - G:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - G:\Archivos de programa\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - G:\Archivos de programa\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - G:\Archivos de programa\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - G:\Archivos de programa\Archivos comunes\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - G:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - G:\Archivos de programa\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Archivos de programa\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Archivos de programa\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - G:\Archivos de programa\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - G:\Archivos de programa\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - G:\Archivos de programa\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] G:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] G:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] G:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "G:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "G:\Archivos de programa\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "G:\Archivos de programa\Archivos comunes\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3Trayp.exe
O4 - HKLM\..\Run: [HDAudDeck] G:\Archivos de programa\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [WinampAgent] "G:\Archivos de programa\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "G:\Archivos de programa\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "G:\Archivos de programa\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] G:\ARCHIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [_winadm] G:\WINDOWS\system32\winadm.exe
O4 - HKLM\..\Run: [64 GLOBAL VIEW MAGS] G:\Documents and Settings\All Users\Datos de programa\Camp bows 64 global\creative file.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON TX100 Series] G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDL.EXE /FU "G:\WINDOWS\TEMP\E_S65.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [LDM] G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] G:\Archivos de programa\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Else part] G:\DOCUME~1\Admin\DATOSD~1\LESS4A~1\antidog.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://G:\ARCHIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - G:\Archivos de programa\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - G:\ARCHIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - G:\Archivos de programa\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - G:\ARCHIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - G:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Archivos de programa\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Archivos de programa\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: g:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} (Attachment Upload Control) - https://stream.web.de/mail/activex/mail_upload_11213.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7CF3E6D7-131F-4488-B920-F5F68106069E}: NameServer = 10.102.2.129 200.33.188.1

O18 - Protocol: bw+0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - G:\Archivos de programa\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - G:\Archivos de programa\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\ARCHIV~1\ARCHIV~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: G:\WINDOWS\System32\icardie32.dll
O20 - Winlogon Notify: 50995df2638 - G:\WINDOWS\System32\icardie32.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - G:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - G:\ARCHIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - G:\Documents and Settings\All Users\Datos de programa\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Google Update Service (gupdate1c9827e75b51864) (gupdate1c9827e75b51864) - Google Inc. - G:\Archivos de programa\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - G:\Archivos de programa\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - G:\Archivos de programa\Archivos comunes\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - G:\Archivos de programa\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - g:\archivos de programa\archivos comunes\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - G:\Archivos de programa\Archivos comunes\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: NMSAccessU - Unknown owner - G:\Archivos de programa\CDBurnerXP\NMSAccessU.exe
O23 - Service: ScsiAccess - Unknown owner - G:\Archivos de programa\Photodex\ProShow\ScsiAccess.exe

 

ergebnis malwarebytes:

Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2479
Windows 5.1.2600 Service Pack 3

22/07/2009 12:22:34
mbam-log-2009-07-22 (12-22-33).txt

Scan-Methode: Vollständiger Scan (G:\|H:\|)
Durchsuchte Objekte: 184304
Laufzeit: 40 minute(s), 5 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 108
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 20
Infizierte Dateien: 54

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c003f6ed (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
G:\Archivos de programa\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
G:\Archivos de programa\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
G:\Archivos de programa\NetPumper (Adware.NetPumper) -> Quarantined and deleted successfully.
G:\WINDOWS\system32\SystemX86 (Worm.Archive) -> Quarantined and deleted successfully.

Infizierte Dateien:
G:\Archivos de programa\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
G:\Archivos de programa\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache\00930DFF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache\00936B61 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache\00936E01.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache\00937302.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache\009375B1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache\00937842.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\funwebproducts\Shared\009EC5D0.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\funwebproducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\archivos de programa\funwebproducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\213.* bitte keine illegalen Tipps *.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\214.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\215.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\216.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\217.music.au (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\217.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\218.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\218.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\219.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\219.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\220.music.snd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\220.music.snd.kwd (Worm.Archive) -> Quarantined and deleted successfully.
 

hola, ich habe mit malwarebytes gescannt und nocheinmal mit hjack und alle ergebnisse hier gepostet? hilft das weiter? muchisimo gracias und liebe gruesse aus mexico  ::)

ich würde formatieren und das System neu installieren..alle Kennwörter ändern.

Hat dir diese Antwort geholfen?

Danke ButtonHilfreiche Antwort Button
ich würde formatieren und das System neu installieren..alle Kennwörter ändern.

oO wozu ?

NIX schlimmes im System!

Malwarebytes Scan wiederholen, falls noch Funde vorhanden sind löschen lassen.

A-squared free installieren -> Detail Scan machen -> Funde löschen und Report posten.

Der Wurm ist nicht aktiv !

..wenn du meinst, ist gut..für mich ist da zuviel drin, was nichts heißen soll, lerne gerne dazu..

Hat dir diese Antwort geholfen?

Danke ButtonHilfreiche Antwort Button

Die Adware "MyWebSearch", ist nix schlimmes. Eine Toolbar die sich halt was tiefer ins System schreibt.

Und wie man weiß ist Adware alles andere als ein Grund zu formatieren.

Also kein Grund zur Panik alles im grünen.

My Web Search nicht aber

 

Zitat
g:\WINDOWS\system32\systemx86\214.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\215.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
g:\WINDOWS\system32\systemx86\216.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.


Ist ein Grund den Support einzustellen.

Hat dir diese Antwort geholfen?

Danke ButtonHilfreiche Antwort Button

Danke für den Hinweis, den Schädling hab ich gesehen, aber nicht "Keygen,Serial".

 

Hat dir diese Antwort geholfen?

Danke ButtonHilfreiche Antwort Button

wo man grade beim zerpflücken ist:
der müll von logitec wurde auch gesehen? aus unerfindlichen gründen istda sehr viel von im log.
18 - Protocol: bw+0 - {E1076E11-CDCC-4B1B-B3D0-AC9EA41FB999} - G:\Archivos de programa\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

von diesem eintrag ist kiloweise was da.normal ist das aber nicht.

ob man das system sauber bekommt,weis ich nicht.eventuel ist sauber neuinstaliere schneller.

hola chicos, supervielen dank fuer die vielen hinweise, werde alles moegliche versuchen, damit ich nicht neu installieren muss, denn das geht nicht so leicht (wo ich den pc gekauft habe, wurde alles installiert und mir keine cds ausgehaendigt - mexiko), zudem ich ein programm habe HOMEPAGEFIX, mit dem ich meine homepage erstellte, wo ich keiner sicherheitskopie machen kann, geht einfach nicht.
also, den malwarebyte-scan sagte, dass alles ok ist, siehe
Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2479
Windows 5.1.2600 Service Pack 3

23/07/2009 19:32:46
mbam-log-2009-07-23 (19-32-46).txt

Scan-Methode: Vollständiger Scan (G:\|H:\|)
Durchsuchte Objekte: 182011
Laufzeit: 40 minute(s), 20 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

nun zu schritt 2, lieben gruss  ;D


« Windows XP: Zone Alarm, ZonenzuordnungWindows XP: Nach Entfernen von braviax.exe unsicher in Sachen weiterer Infektion »
 

Schnelle Hilfe: Hier nach ähnlichen Fragen und passenden Tipps suchen!

Fremdwörter? Erklärungen im Lexikon!
HiJackThis
Unter dem Begriff HiJackThis verbirgt sich ein  Sicherheitsprogramm, dass den Computer nach Schad-Programmen und Viren durchsucht. Dazu werden spezielle Bereiche in ...

Logfile
Eine Log-Datei ist eine Datei mit einer Art Protokoll, dass Aufschluss gibt über jegliche Aktivität auf einem Rechner. Das automatrisch geführte Protokoll ...

SQL
SQL ist eine Abkürzung für Standard Query Language. Dies ist eine Abfragesprache für relationale Datenbanken, die in Form von standardisierten Befehlen ein...