Hallo, es gibt ein Problem. Malwarebytes hat bei ihr (winxp) nur limited hinter dem useraccount in den logs stehen. Und es gibt keinen Adminaccount aufzufinden.
Wie weiter vorgehen. Die nacht läuft jetzt trotzdem erst mal ein Fullscan, der wird Massen finden.
Bloß wie verhilft man in der Lage Malwarebytes eset und so weiter unter winxp zu vollen Rechten?
Normal würd ich ja sagen ich installier das alles frisch mit Win7 aber der Rechner ist über dem Ozean und das für ne Weile. Wäre für Tipps dankbar und liefere bald die Logs.

Zitat:

Und es gibt keinen Adminaccount aufzufinden.

Was ist mit dem "Administrator" ?
Dieses vordefnierte Konto ist immer da, bei WIndowsXP im Willkommensbildschirm aber versteckt.
Im Willkommensbildschirm machst du am besten 2x den Affengriff, dann kannst du dich anmelden durch manuelle Eingabe von user+pass

Probier aus als user: administrator mit leerem Kennwort

Werden wir versuchen. Die Sache ist aber dass die Ausführen als Funktion im normalen account ein passwort für den admin wollte bei eintippen von Administrator. Vielleicht gehts ja im Loginscreen.
Oder klappt das mit ausführen als unter xp nicht? Jahre her dass ich was mit XP zu tun hatte.

Eine Idee:
Könnte es sein dass der admin bei einem schwedischen Windows anders als administrator (kleiner anfangsbuchstabe?) heißt? Mal suchen.
Hab einen Verweis bei Microsoft gefunden dass der Account in schwedisch anders heißt. Gibt nur wenige Windows versionen wo das der Fall ist. Es kann ja nicht einfach sein. Müsste ich nur noch wissen wie er dann heißt.
Administratör. Das könnte das Problem lösen, mal warten bis sie online ist und versuchen.

So, ich habe die Logs von ihr. Inklusive Fullscan mit Administratorrechten (Wieso das nun doch ging... weiß der Himmel allein)

Bitte entschuldige die Missverständnisse und vielen Logs, sie hats versucht und schließlich auch hingebracht mit dem Fullscan. War über die Sprachen hinweg nicht ganz einfach.

Zuerst hat sie mich falsch verstanden und einen schnellscan gemacht, das Programm war auf Schwedisch installiert. Ich hab ihr gesagt sie soll nichts entfernen weil das Log so nicht leicht zu verstehen ist.

Hier also ein Log in Schwedisch:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Testversion) 1.61.0.1400
www.malwarebytes.org

Databasversion: v2012.06.26.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-L*** [begränsad]

Skydd: Aktiverad

2012-06-25 23:02:14
mbam-log-2012-06-25 (23-45-47).txt

Skanningstyp: Snabbskanning
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 199529
Förfluten tid: 30 minut(er), 25 sekund(er)

Upptäckta minnesprocesser: 1
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> 664 -> Ingen åtgärd.

Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)

Upptäckta registernycklar: 143
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCR\CLSID\{448F52EB-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{448F52EB-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{448F52EB-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Ingen åtgärd.
HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Ingen åtgärd.
HKCR\CLSID\MADOWN (Worm.Magania) -> Ingen åtgärd.
HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Ingen åtgärd.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Save (Adware.WhenU) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Ingen åtgärd.

Upptäckta registervärden: 12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Save (Trojan.Agent) -> Data: C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{448F52EA-E47F-486E-AF4F-63A2301FE847} (Adware.Mirar) -> Data: êR�DänH¯Oc¢0#èG -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±##¥aI¶»#
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data:  -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data:  -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data:  -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data:  -> Ingen åtgärd.

Upptäckta registerdataposter: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Dåligt: (hxxp://domredi.com/1/) Bra: (hxxp://www.google.com) -> Ingen åtgärd.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Dåligt: (0) Bra: (1) -> Ingen åtgärd.

Upptäckta mappar: 19
C:\WINDOWS\system32\SystemX86 (Trojan.Tracur) -> Ingen åtgärd.
C:\Program\FunWebProducts (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\Save (Adware.WhenU) -> Ingen åtgärd.

Upptäckta filer: 142
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
c:\windows\system32\win0a78.dll (Adware.Mirar) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\SaveUninst.exe (Trojan.Agent) -> Ingen åtgärd.
C:\Program\Mozilla Firefox\components\SaveComponent.dll (Trojan.Agent) -> Ingen åtgärd.
C:\WINDOWS\system32\f3PSSavr.scr (PUP.FunWebProducts) -> Ingen åtgärd.
C:\WINDOWS\system32\win0a.exe (Trojan.Dropper) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593C.manifest (Malware.Trace) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593O.manifest (Malware.Trace) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593P.manifest (Malware.Trace) -> Ingen åtgärd.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593S.manifest (Malware.Trace) -> Ingen åtgärd.
C:\WINDOWS\system32\f3PSSavr.scr (Trojan.Agent) -> Ingen åtgärd.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Ingen åtgärd.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\181.crack.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\178.music.mp3 (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\181.crack.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\182.keygen.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\182.keygen.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\183.serial.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\183.serial.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\184.setup.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\184.setup.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\185.music.au (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\185.music.au.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\186.music.mp3 (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\186.music.mp3.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\187.music2.au (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\187.music2.au.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\188.music.snd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\188.music.snd.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Ingen åtgärd.
C:\Program\Save\SaveUninst.exe (Adware.WhenU) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Ingen åtgärd.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Ingen åtgärd.

(klar)
         

Ich hab ihr gesagt sie soll auf englisch umschalten, hat sie gemacht, zum Test ein schneller Flashscan:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.26.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-LJ***[limited]

Protection: Disabled

2012-06-26 00:30:53
mbam-log-2012-06-26 (00-30-53).txt

Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 151525
Time elapsed: 3 minute(s), 28 second(s)

Memory Processes Detected: 1
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> 664 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 104
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MediaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Save (Adware.WhenU) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data:  -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Save (Trojan.Agent) -> Data: C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (hxxp://domredi.com/1/) Good: (hxxp://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 19
C:\Program\FunWebProducts (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.
C:\WINDOWS\system32\SystemX86 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Program\Save (Adware.WhenU) -> Quarantined and deleted successfully.

Files Detected: 138
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593C.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593O.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593P.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\0200000028b00276593S.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program\Mozilla Firefox\components\SaveComponent.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\181.crack.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\178.music.mp3 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\181.crack.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\182.keygen.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\182.keygen.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\183.serial.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\183.serial.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\184.setup.zip (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\184.setup.zip.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\185.music.au (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\185.music.au.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\186.music.mp3 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\186.music.mp3.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\187.music2.au (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\187.music2.au.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\188.music.snd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\SystemX86\188.music.snd.kwd (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Program\Save\SaveUninst.exe (Adware.WhenU) -> Quarantined and deleted successfully.
C:\Program\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

(end)
         

Wieso da nicht nur Quarantined steht kann ich nicht sagen. Irgendwas lief schief. Also nochmal um zu sehen ob jetzt Adminrechte da sind, immer noch nicht.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.26.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-L***[limited]

Protection: Disabled

2012-06-26 00:45:34
mbam-log-2012-06-26 (00-45-34).txt

Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 151557
Time elapsed: 2 minute(s), 44 second(s)

Memory Processes Detected: 1
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Adware.Mirar) -> 664 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 79
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.

Registry Values Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data:  -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Save (Adware.Mirar) -> Data: C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 17
C:\Program\FunWebProducts (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.

Files Detected: 108
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\Save.exe (Adware.Mirar) -> Delete on reboot.

(end)
         

Und schließlich der Fullscan mit Adminrechten. Da taucht allerdings einiges nicht mehr auf was der Flashscan erwischt hat.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.26.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
k*** :: DITT-L*** [administrator]

Protection: Disabled

2012-06-26 01:32:45
mbam-log-2012-06-26 (01-32-45).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 278793
Time elapsed: 3 hour(s), 24 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 111
HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.
HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.
HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.
HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.
HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Detected: 10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\Program\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Email Plugin (PUP.MyWebSearch) -> Data: C:\Program\MYWEBS~1\bar\1.bin\mwsoemon.exe -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MyWebSearch Plugin (PUP.MyWebSearch) -> Data: rundll32 C:\Program\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±##¥aI¶»#No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data:  -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data:  -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data:  -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data:  -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 17
C:\Program\FunWebProducts (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.

Files Detected: 115
C:\Program\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\Windows Live\Messenger\riched20.dll (PUP.FunWebProducts) -> No action taken.
C:\Program\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Mina dokument\Hämtade filer\SoftonicDownloader_for_vlc-media-player.exe (PUP.ToolbarDownloader) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\CursorManiaBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\FunWebProducts\Shared\Cache\WebfettiBtn.html (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EC76.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006EE5A.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F02F.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F1A6.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F30D.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0006F455.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0018B0AD (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\001B1C2F (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A3B3.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\0024A568.bin (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\ask_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZJ.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\logo_ZR.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\mws_logo.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnbg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtnn2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny1.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebbtny2.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebclose.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\rebut2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\reb_bg.png (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> No action taken.
C:\Program\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.
C:\Documents and Settings\Sonjamusterfrau r\Application Data\Save\SaveUninst.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8104c1ad-c741-44bd-a61c-287ac9de0ed7}\rp733\a0262098.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\win0a.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
d:\r3q63rok.exe (Trojan.GamesThief) -> Quarantined and deleted successfully.
d:\system volume information\_restore{8104c1ad-c741-44bd-a61c-287ac9de0ed7}\rp733\a0262204.exe (Trojan.GamesThief) -> Quarantined and deleted successfully.

(end)
         

Eset reiche ich nach sobald der arme Rechner das mal fertig bringt. Aber die Log sollten für ein erstes Bild der Lage reichen.
Ich hab sowas noch nie gesehen, so viele Viren auf einem Rechner.
Wie weiter?

Code: Alles auswählenAufklappen

ATTFilter

C:\WINDOWS\system32\SystemX86\181.crack.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\182.keygen.zip (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\182.keygen.zip.kwd (Trojan.Tracur) -> Ingen åtgärd.
C:\WINDOWS\system32\SystemX86\183.serial.zip (Trojan.Tracur) -> Ingen åtgärd.
         

Bereinigen werd ich diesen Rechner nicht mehr!

Ja, die Dateien sind mir auch aufgefallen.
Aber ich denke nicht dass es ist wonach es aussieht. Sie hat gar keine Programme auf dem Rechner für die ein crack "nötig" wäre. Sicherlich, die Dateien sind da, aber sie nutzt den Rechner eigentlich nur für Skype und Internet. Vielleicht hat ihr ein "Freund" da mal was installiert.
Ich bezweifle dass sie überhaupt wüsste wie man sowas verwendet. Sie ist naiv, aber ich glaub nicht dass sie was kriminelles tut.
Wäre toll wenn du doch noch einen Blick auf die Logs werfen könntest.
Und die Dateinamen? Normal wär da doch ne Referenz für was es ist im Namen? Ich wills einfach nicht glauben, gibt keinen Sinn sowas auf dem Rechner.

Nee sry, bei sowas gibt es nur noch Hilfe zur Datensicherung und den Hinweis zur Neuinstallation

Nur interessehalber:
Wegen den cracks oder wegen der Menge an Viren?
Wäre sie im Land würd ich das für sie machen, aber momentan dürfte eine Neuinstallation noch auf Wochen hin nicht machbar sein. Mein Ziel war eigentlich, dass sie wieder im Internet unterwegs sein kann ohne überall persönliche Daten und Schadprogramme zu verteilen.
Der Viruslink den mir ihr Rechner geschickt hat wurde von SuperAnti Spyware erkannt. Prinzipiell sollte sich damit also der spezielle Plagegeist entfernen lassen, richtig?
Ich kann deine Position verstehen, kann ja jeder sagen dass es "jemand" war der das Zeug installiert hat und es sind Massen an Viren. Ich hab die Einträge in den Logs gelassen, im gegensatz zu manch anderem user wie ich annehme. Eben weil ich da keine Schuld sehe. Aber wie gesagt, kann verstehen dass du nicht so viel Zeit opfern willst.

Zitat:

Wegen den cracks oder wegen der Menge an Viren?

=> http://www.trojaner-board.de/95393-c...-software.html