dann hier
http://www.myupload.dk/

ne nach mehreren versuchen hat es geklappt hab dir pn die links geschickt so und muss ich jetzt noch was beachten?

ok weiter:
combofix:

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.

• Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
  Tool
  
  Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  
• Hinweis:
  Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.
  
• Poste bitte die C:\Combofix.txt in deiner nächsten Antwort.

so hab es jetzt durchlaufen lassen komme allerdings mit dem laptop nicht ins internet die verbindung steht allerdings wenn ich auf mein explorer zu greife dann kommt da die Meldung: Es wurde versucht einen Registrierungsschlüssel einem unzulässigen Vorgang zu untreziehen, der zum löschen markiert wurde. und jetzt?

so nach einem nochmaligen Neustart geht wieder alles hier der text von der combofix:
Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 11-11-21.01 - Yasemin 21.11.2011  21:11:49.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3959.2733 [GMT 1:00]
ausgeführt von:: c:\users\Yasemin\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~2\MYWEBS~1\bar\2.bin\mwsoemon.exe
c:\program files (x86)\FunWebProducts
c:\program files (x86)\LP
c:\program files (x86)\MyWebSearch
c:\program files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files (x86)\MyWebSearch\bar\1.bin\M3FFTBPR.DLL
c:\program files (x86)\MyWebSearch\bar\1.bin\M3PATCH.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\CHROME.MANIFEST
c:\program files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR
c:\program files (x86)\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files (x86)\MyWebSearch\bar\2.bin\F3CJPEG.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3DTACTL.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3HISTSW.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3HTmlmu.dll
c:\program files (x86)\MyWebSearch\bar\2.bin\F3HTTPCT.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3IMSTUB.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3POPSWT.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
c:\program files (x86)\MyWebSearch\bar\2.bin\F3REGHK.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files (x86)\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files (x86)\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
c:\program files (x86)\MyWebSearch\bar\2.bin\INSTALL.RDF
c:\program files (x86)\MyWebSearch\bar\2.bin\M3AUXSTB.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3DLGHK.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3FFTBPR.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3HTml.dll
c:\program files (x86)\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\M3MEDINT.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\M3MSG.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3OUtlcn.dll
c:\program files (x86)\MyWebSearch\bar\2.bin\M3PATCH.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3SKIN.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\M3TPINST.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\M3UNPAT.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSMLBTN.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE
c:\program files (x86)\MyWebSearch\bar\2.bin\MWSUABTN.DLL
c:\program files (x86)\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files (x86)\MyWebSearch\bar\Game\CHESS.F3S
c:\program files (x86)\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files (x86)\MyWebSearch\bar\icons\CM.ICO
c:\program files (x86)\MyWebSearch\bar\icons\MFC.ICO
c:\program files (x86)\MyWebSearch\bar\icons\PSS.ICO
c:\program files (x86)\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files (x86)\MyWebSearch\bar\icons\WB.ICO
c:\program files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files (x86)\MyWebSearch\bar\Message\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files (x86)\MyWebSearch\bar\Settings\s_pid.dat
c:\programdata\FullRemove.exe
c:\users\Yasemin\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\windows\SysWow64\f3PSSavr.scr
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\system32
c:\windows\SysWow64\system32\3DAudio.ax
c:\windows\SysWow64\system32\avrt.dll
c:\windows\SysWow64\system32\cis-2.4.dll
c:\windows\SysWow64\system32\issacapi_bs-2.3.dll
c:\windows\SysWow64\system32\issacapi_pe-2.3.dll
c:\windows\SysWow64\system32\issacapi_se-2.3.dll
c:\windows\SysWow64\system32\MACXMLProto.dll
c:\windows\SysWow64\system32\MaDRM.dll
c:\windows\SysWow64\system32\MaJGUILib.dll
c:\windows\SysWow64\system32\MAMACExtract.dll
c:\windows\SysWow64\system32\MASetupCleaner.exe
c:\windows\SysWow64\system32\MaXMLProto.dll
c:\windows\SysWow64\system32\mfplat.dll
c:\windows\SysWow64\system32\MK_Lyric.dll
c:\windows\SysWow64\system32\MSCLib.dll
c:\windows\SysWow64\system32\MSFLib.dll
c:\windows\SysWow64\system32\MSLUR71.dll
c:\windows\SysWow64\system32\msvcp60.dll
c:\windows\SysWow64\system32\MTTELECHIP.dll
c:\windows\SysWow64\system32\MTXSYNCICON.dll
c:\windows\SysWow64\system32\muzaf1.dll
c:\windows\SysWow64\system32\muzapp.dll
c:\windows\SysWow64\system32\muzapp.exe
c:\windows\SysWow64\system32\muzdecode.ax
c:\windows\SysWow64\system32\muzeffect.ax
c:\windows\SysWow64\system32\muzmp4sp.ax
c:\windows\SysWow64\system32\muzmpgsp.ax
c:\windows\SysWow64\system32\muzoggsp.ax
c:\windows\SysWow64\system32\muzwmts.dll
c:\windows\SysWow64\system32\psapi.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_MyWebSearchService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-10-21 bis 2011-11-21  ))))))))))))))))))))))))))))))
.
.
2011-11-21 20:30 . 2011-11-21 20:30	69000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{323009EE-373A-4205-ABB1-D4C2B991297B}\offreg.dll
2011-11-21 20:26 . 2011-11-21 20:26	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-11-21 19:25 . 2011-11-21 19:39	--------	d-----w-	C:\_OTL
2011-11-21 18:34 . 2011-11-21 18:34	--------	d-----w-	c:\program files (x86)\QuickTime
2011-11-21 18:32 . 2011-11-21 18:32	--------	d-----w-	c:\program files\iPod
2011-11-21 18:32 . 2011-11-21 18:33	--------	d-----w-	c:\program files\iTunes
2011-11-21 18:32 . 2011-11-21 18:33	--------	d-----w-	c:\program files (x86)\iTunes
2011-11-21 18:17 . 2011-10-07 04:16	8570192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{323009EE-373A-4205-ABB1-D4C2B991297B}\mpengine.dll
2011-11-21 17:36 . 2011-11-21 17:36	--------	d-----w-	c:\program files (x86)\02565
2011-11-18 19:48 . 2011-11-21 18:11	--------	d-----w-	c:\users\Yasemin\AppData\Roaming\44202
2011-11-14 20:21 . 2011-11-14 20:26	--------	d-----w-	c:\users\Yasemin\.jenny
2011-11-10 04:57 . 2011-09-29 04:03	3144704	----a-w-	c:\windows\system32\win32k.sys
2011-11-10 04:57 . 2011-10-01 05:45	886784	----a-w-	c:\program files\Common Files\System\wab32.dll
2011-11-10 04:57 . 2011-10-01 04:37	708608	----a-w-	c:\program files (x86)\Common Files\System\wab32.dll
2011-11-10 04:57 . 2011-09-29 16:29	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-11-06 12:22 . 2011-11-06 12:22	--------	d-----w-	c:\programdata\AVS4YOU
2011-11-06 12:22 . 2011-11-06 12:30	--------	d-----w-	c:\users\Yasemin\AppData\Roaming\AVS4YOU
2011-11-06 12:21 . 2011-09-20 13:35	11137024	----a-w-	c:\windows\SysWow64\libmfxsw32.dll
2011-11-06 12:21 . 2010-11-12 19:18	1700352	----a-w-	c:\windows\SysWow64\GdiPlus.dll
2011-11-06 12:21 . 2011-11-06 12:22	--------	d-----w-	c:\program files (x86)\AVS4YOU
2011-11-06 12:21 . 2011-11-06 12:22	--------	d-----w-	c:\program files (x86)\Common Files\AVSMedia
2011-11-06 12:08 . 2011-11-06 12:20	--------	d-----w-	c:\program files (x86)\NCH Swift Sound
2011-11-06 12:08 . 2011-11-06 12:08	--------	d-----w-	c:\programdata\NCH Software
2011-11-06 12:08 . 2011-11-06 12:08	--------	d-----w-	c:\program files (x86)\NCH Software
2011-11-06 12:08 . 2011-11-06 12:09	--------	d-----w-	c:\users\Yasemin\AppData\Roaming\NCH Software
2011-10-26 15:58 . 2011-08-13 05:27	6144	----a-w-	c:\program files\Internet Explorer\iecompat.dll
2011-10-26 15:58 . 2011-08-13 04:18	6144	----a-w-	c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-24 13:29 . 2011-10-24 13:29	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-01 03:25 . 2011-10-13 16:19	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-10-01 02:42 . 2011-10-13 16:19	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-08-30 21:05 . 2011-08-30 21:05	96104	----a-w-	c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05	85864	----a-w-	c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05	61288	----a-w-	c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05	212840	----a-w-	c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05	83816	----a-w-	c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05	73064	----a-w-	c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05	50536	----a-w-	c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05	178536	----a-w-	c:\windows\SysWow64\dnssdX.dll
2011-08-27 05:37 . 2011-10-13 16:20	861696	----a-w-	c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-13 16:20	331776	----a-w-	c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-13 16:20	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-13 16:20	233472	----a-w-	c:\windows\SysWow64\oleacc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-21 39408]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-08-01 958352]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-08-01 3507088]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-01 20880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-04-17 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"IMBooster"="c:\program files (x86)\Iminent\IMBooster\imbooster.exe" [2010-11-19 1323000]
"Iminent.Notifier"="c:\program files (x86)\Iminent\SearchTheWeb\Iminent.Notifier.exe" [2011-01-26 1863168]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-12 421736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-10 135664]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-10 135664]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-03-17 866336]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-10 15:28]
.
2011-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-10 15:28]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-29 9913376]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-04-17 349552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-03-17 860704]
"combofix"="c:\combofix\CF31474.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741zg&r=27361010x915l0494z1l5t4662q22p
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
FF - ProfilePath - c:\users\Yasemin\AppData\Roaming\Mozilla\Firefox\Profiles\l6ckyfr7.default\
FF - prefs.js: network.proxy.type - 0
FF - Ext: Iminent WebBooster: webbooster@iminent.com - c:\program files (x86)\Mozilla Firefox\extensions\webbooster@iminent.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: FB Chat Sidebar Disabler: fbsidebardisabler@vittgam.net - %profile%\extensions\fbsidebardisabler@vittgam.net
FF - Ext: My Web Search: m3ffxtbr@mywebsearch.com - %profile%\extensions\m3ffxtbr@mywebsearch.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3825161990-3667915411-4140138125-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3825161990-3667915411-4140138125-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-11-21  21:43:24 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-11-21 20:43
.
Vor Suchlauf: 14 Verzeichnis(se), 390.417.317.888 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 389.859.061.760 Bytes frei
.
- - End Of File - - AA761B6310A29AB272AA1A6AA9CDC8D4
         

--- --- ---

malwarebytes:
Downloade Dir bitte Malwarebytes

• Installiere
  das Programm in den vorgegebenen Pfad.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Starte Malwarebytes, klicke auf Aktualisierung --> Suche
  nach Aktualisierung
• Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
• Wenn der Scan beendet
  ist, klicke auf Ergebnisse anzeigen.
• Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
• Poste
  das Logfile, welches sich in Notepad öffnet, hier in den Thread.
• Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Hallo hier das logfile so jetzt noch was?? oder bin ich jetzt durch?

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 8218

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

22.11.2011 21:36:30
mbam-log-2011-11-22 (21-36-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 318761
Laufzeit: 58 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 10
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 47

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
c:\program files (x86)\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\program files (x86)\windows live\messenger\msimg32.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\microgaming\Casino\nostalgia\install.exe (PUP.Casino.Gen) -> Quarantined and deleted successfully.
c:\program files (x86)\windows live\messenger\riched20.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\1.bin\m3fftbpr.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\1.bin\m3patch.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3cjpeg.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3dtactl.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3histsw.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3hkstub.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3htmlmu.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3httpct.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3imstub.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3popswt.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3pssavr.scr.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3reghk.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3reprox.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3restub.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3schmon.exe.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3scrctr.dll.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\f3wphook.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3auxstb.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3dlghk.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3fftbpr.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3html.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3idle.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3impipe.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3medint.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3msg.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3outlcn.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3patch.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3plugin.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3skin.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3skplay.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3slsrch.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3srchmn.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\m3unpat.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\mwsbar.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\mwsmlbtn.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\mwsoeplg.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\mwsoestb.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\mwssrcas.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\mwssvc.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\mwsuabtn.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\mywebsearch\bar\2.bin\npmywebs.dll.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\PROGRA~2\MYWEBS~1\bar\2.bin\mwsoemon.exe.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Windows\SysWOW64\f3pssavr.scr.vir (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\_OTL\movedfiles\11212011_202526\C_Users\Yasemin\AppData\Roaming\microsoft\svhcost.exe (Trojan.Ransom) -> Quarantined and deleted successfully.

nein ich sag dir dann schon bescheid.
lade den CCleaner standard:
CCleaner Download - CCleaner 3.12.1572
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Hallo habe erst jetzt gesehen das ich noch nicht durch bin allerdings kam gerade eben wieder die Meldung das mein windwos system blockiert ist muss ich jetzt alles von vorne beginnen? Und wie kann es sein das der Virus immer noch auf dem pc ist nach alldem was ich schon gemacht habe`???


lg

naja vllt hast du einfach wieder ne seite besucht die malware enthält?
deswegen wäre es ja wichtig gewesen alles abzuarbeiten, ich wollte mit dir noch sicherheitslücken schließen etc.
wir könnten es auch so machen das wir den rechner komplett neu aufsetzen und dann von anfang an gleich richtig absichern.
dann wäre dabei auch backup software, und es ist immer besser backups von systemen zu machen die nicht befallen waren. da so das system welches man sichert vertrauenswürdig ist

ja mir bleibt wohl nichts anders übrig als den rechner platt zu mache was? das problem ist nur ich hab das betriebssystem nicht das heist müsste es erst kaufen

es war auf dem laptop drauf als ich es gekauft habe aber die system sicherung auf cd hat nicht geklappt wurde immer wieder abgebrochen das heist ich hab grad nichts in der hand was das betriebssystem betrifft

wie heißt das gerät und wie lautet der name des herstellers

Aspire
Acer 5741ZG

ok da braucht man kein gebranntes immage, dass können wir so machen.
aber vorher musst du natürlich wichtige daten wie bilder dokumente musik außerhalb, zb auf ne externe platte, sichern