Werden wir versuchen. Die Sache ist aber dass die Ausführen als Funktion im normalen account ein passwort für den admin wollte bei eintippen von Administrator. Vielleicht gehts ja im Loginscreen.
Oder klappt das mit ausführen als unter xp nicht? Jahre her dass ich was mit XP zu tun hatte.
Eine Idee:
Könnte es sein dass der admin bei einem schwedischen Windows anders als administrator (kleiner anfangsbuchstabe?) heißt? Mal suchen.
Hab einen Verweis bei Microsoft gefunden dass der Account in schwedisch anders heißt. Gibt nur wenige Windows versionen wo das der Fall ist. Es kann ja nicht einfach sein. Müsste ich nur noch wissen wie er dann heißt.
Administratör. Das könnte das Problem lösen, mal warten bis sie online ist und versuchen.
So, ich habe die Logs von ihr. Inklusive Fullscan mit Administratorrechten (Wieso das nun doch ging... weiß der Himmel allein)
Bitte entschuldige die Missverständnisse und vielen Logs, sie hats versucht und schließlich auch hingebracht mit dem Fullscan. War über die Sprachen hinweg nicht ganz einfach.
Zuerst hat sie mich falsch verstanden und einen schnellscan gemacht, das Programm war auf Schwedisch installiert. Ich hab ihr gesagt sie soll nichts entfernen weil das Log so nicht leicht zu verstehen ist.
Hier also ein Log in Schwedisch:
Code:
Malwarebytes Anti-Malware (Testversion) 1.61.0.1400
www.malwarebytes.org
Databasversion: v2012.06.26.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-L*** [begränsad]
Skydd: Aktiverad
2012-06-25 23:02:14
mbam-log-2012-06-25 (23-45-47).txt
Skanningstyp: Snabbskanning
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 199529
Förfluten tid: 30 minut(er), 25 sekund(er)
Upptäckta minnesprocesser: 1
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> 664 -> Ingen åtgärd.
Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)
Upptäckta registernycklar: 143
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCR\CLSID\{448F52EB-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{448F52EB-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{448F52EB-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\MADOWN (Worm.Magania) -> Ingen åtgärd.
HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Ingen åtgärd.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Save (Adware.WhenU) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
Upptäckta registervärden: 12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Save (Trojan.Agent) -> Data: C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Data: êRDänH¯Oc¢0#èG -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±##¥aI¶»#
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Ingen åtgärd.
Upptäckta registerdataposter: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Dåligt: (hxxp://domredi.com/1/) Bra: (hxxp://www.google.com) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Dåligt: (0) Bra: (1) -> Ingen åtgärd.
Upptäckta mappar: 19
C:\WINDOWS\system32\SystemX86 (Trojan.Tracur) -> Ingen åtgärd.
C:\Program\FunWebProducts (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\Save (Adware.WhenU) -> Ingen åtgärd.
Upptäckta filer: 142
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
c:\windows\system32\win0a78.dll (Adware.Mirar) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\SaveUninst.exe (Trojan.Agent) -> Ingen åtgärd.
C:\Program\Mozilla Firefox\components\SaveComponent.dll (Trojan.Agent) -> Ingen åtgärd.
C:\WINDOWS\system32\f3PSSavr.scr (PUP.FunWebProducts) -> Ingen åtgärd.
C:\WINDOWS\system32\win0a.exe (Trojan.Dropper) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593C.manifest (Malware.Trace) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593O.manifest (Malware.Trace) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593P.manifest (Malware.Trace) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593S.manifest (Malware.Trace) -> Ingen åtgärd.
C:\WINDOWS\system32\f3PSSavr.scr (Trojan.Agent) -> Ingen åtgärd.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Ingen åtgärd.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\181.crack.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\178.music.mp3 (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\181.crack.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\182.keygen.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\182.keygen.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\183.serial.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\183.serial.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\184.setup.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\184.setup.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\185.music.au (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\185.music.au.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\186.music.mp3 (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\186.music.mp3.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\187.music2.au (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\187.music2.au.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\188.music.snd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\188.music.snd.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\Save\SaveUninst.exe (Adware.WhenU) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Ingen åtgärd.
(klar)
Ich hab ihr gesagt sie soll auf englisch umschalten, hat sie gemacht, zum Test ein schneller Flashscan:
Code:
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.26.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-LJ***[limited]
Protection: Disabled
2012-06-26 00:30:53
mbam-log-2012-06-26 (00-30-53).txt
Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 151525
Time elapsed: 3 minute(s), 28 second(s)
Memory Processes Detected: 1
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> 664 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 104
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Save (Adware.WhenU) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
Registry Values Detected: 7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Save (Trojan.Agent) -> Data: C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (hxxp://domredi.com/1/) Good: (hxxp://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
Folders Detected: 19
C:\Program\FunWebProducts (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.
C:\WINDOWS\system32\SystemX86 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Program\Save (Adware.WhenU) -> Quarantined and deleted successfully.
Files Detected: 138
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593C.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593O.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593P.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593S.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program\Mozilla Firefox\components\SaveComponent.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\181.crack.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\178.music.mp3 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\181.crack.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\182.keygen.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\182.keygen.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\183.serial.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\183.serial.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\184.setup.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\184.setup.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\185.music.au (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\185.music.au.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\186.music.mp3 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\186.music.mp3.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\187.music2.au (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\187.music2.au.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\188.music.snd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\188.music.snd.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Program\Save\SaveUninst.exe (Adware.WhenU) -> Quarantined and deleted successfully.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
(end)
Wieso da nicht nur Quarantined steht kann ich nicht sagen. Irgendwas lief schief. Also nochmal um zu sehen ob jetzt Adminrechte da sind, immer noch nicht.
Code:
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.26.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-L***[limited]
Protection: Disabled
2012-06-26 00:45:34
mbam-log-2012-06-26 (00-45-34).txt
Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 151557
Time elapsed: 2 minute(s), 44 second(s)
Memory Processes Detected: 1
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Adware.Mirar) -> 664 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 79
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.
Registry Values Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Save (Adware.Mirar) -> Data: C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 17
C:\Program\FunWebProducts (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.
Files Detected: 108
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Adware.Mirar) -> Delete on reboot.
(end)
Und schließlich der Fullscan mit Adminrechten. Da taucht allerdings einiges nicht mehr auf was der Flashscan erwischt hat.
Code:
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.26.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-L*** [administrator]
Protection: Disabled
2012-06-26 01:32:45
mbam-log-2012-06-26 (01-32-45).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 278793
Time elapsed: 3 hour(s), 24 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 111
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Detected: 10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±##¥aI¶»#No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 17
C:\Program\FunWebProducts (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.
Files Detected: 115
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\Windows Live\Messenger\riched20.dll (PUP.FunWebProducts) -> No action taken.
C:\Program\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Mina dokument\Hämtade filer\SoftonicDownloader_for_vlc-media-player.exe (PUP.ToolbarDownloader) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\SaveUninst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8104c1ad-c741-44bd-a61c-287ac9de0ed7}\rp733\a0262098.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\win0a.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
d:\r3q63rok.exe (Trojan.GamesThief) -> Quarantined and deleted successfully.
d:\system volume information\_restore{8104c1ad-c741-44bd-a61c-287ac9de0ed7}\rp733\a0262204.exe (Trojan.GamesThief) -> Quarantined and deleted successfully.
(end)
Eset reiche ich nach sobald der arme Rechner das mal fertig bringt. Aber die Log sollten für ein erstes Bild der Lage reichen.
Ich hab sowas noch nie gesehen, so viele Viren auf einem Rechner.
Wie weiter?
