winfixer 2005 problemThema ist geschlossen! |
||
---|---|---|
Thema ist geschlossen! |
||
#0
| ||
30.10.2005, 22:57
...neu hier
Beiträge: 3 |
||
|
||
31.10.2005, 01:16
Member
Beiträge: 39 |
#152
hier der report vom letzten scan:
Sophos Anti-Virus Version 3.99.0 [Win32/Intel] Virus data version 3.99, November 2005 Includes detection for 112562 viruses, trojans and worms Copyright (c) 1989-2005 Sophos Plc, www.sophos.com System time 18:54:54, System date 30 October 2005 Command line qualifiers are: -f -di -all -remove -mime -mbr -noc -archive -opt=ISCabinet IDE directory is: c:\AV-CLS\Sophos 7 master boot records swept. 50857 files swept in 1 hour, 26 minutes and 4 seconds. 364 errors were encountered. 1 virus was discovered. 1 file out of 50857 was infected. Please send infected samples to Sophos for analysis. For advice consult www.sophos.com, email support@sophos.com or telephone +44 1235 559933 245 encrypted files were not checked. Ending Sophos Anti-Virus. 50375 files have been read. 50375 files have been checked. 40536 files have been scanned. 65399 files have been scanned. (including files in archived) 0 files containing viruses. Found 0 viruses totally. Maybe 0 viruses totally. Stop At : 10/30/2005 21:14:48 ---------*---------*---------*---------*---------*---------*---------*---------* gute nacht erstmal, gruß bohne __________ MfG Bohne Protecus Website |
|
|
||
31.10.2005, 10:22
Ehrenmitglied
Beiträge: 29434 |
#153
die_Bohne
es ist alles wieder in Ordnung , , aktiviere wieder die Systemwiederherstellung und alles Gute fuer dich + PC __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
31.10.2005, 13:39
...neu hier
Beiträge: 4 |
#154
Hi !!!!!!!!
auch bei mir öffnet sich immer WinFixer Fenster. Ich hoffe, ihr könnt mir helfen. Hier ist mein log: Logfile of HijackThis v1.99.0 Scan saved at 13:11:08, on 31.10.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Norton Internet Security\ISSVC.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLService.exe C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\WINDOWS\system32\svchost.exe C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\WINDOWS\Explorer.EXE C:\Programme\Java\jre1.5.0_02\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Apps\Softex\OmniPass\scureapp.exe C:\Programme\CyberLink\PowerCinema\PCMService.exe C:\Programme\VVSN\VVSN.exe C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Programme\Browser MOUSE\R2M.EXE C:\Programme\Office Mouse\moffice.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\WINDOWS\Downloaded Program Files\UWFX5U_0001_LPNetInstaller.exe C:\Programme\iTunes\iTunesHelper.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\Office Mouse\MOUSE32A.EXE C:\WINDOWS\System32\svchost.exe D:\DOKUME~1\PETERU~1.NDM\LOKALE~1\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe C:\Programme\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=GE&range=AD&phase=6&key=SEARCH R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://C:\APPS\IE\offline\ger.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\ger.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [OmniPass] C:\Apps\Softex\OmniPass\scureapp.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [VVSN] C:\Programme\VVSN\VVSN.exe O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [FLMBROWSEMOUSE2] C:\Programme\Browser MOUSE\R2M.EXE O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programme\Office Mouse\moffice.exe O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NI.UWFX5U_0001_LP] "C:\WINDOWS\Downloaded Program Files\UWFX5U_0001_LPNetInstaller.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm491YYDE O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\ger.htm O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15.cab O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: CyberLink Background Capture Service (CBCS) - Unknown - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) - Unknown - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections - Unknown - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: ISSvc - Symantec Corporation - C:\Programme\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect-Dienst - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Softex OmniPass Service - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe |
|
|
||
31.10.2005, 13:53
...neu hier
Beiträge: 1 |
#155
hi, bin im internet auf diese seite gestoßen.hab das gleiche problem.hoffe ihr könnt mir helfen
Logfile of HijackThis v1.99.1 Scan saved at 13:38:46, on 31.10.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programme\Java\jre1.5.0_05\bin\jusched.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\ICQLite\ICQLite.exe C:\Programme\AVPersonal\AVGNT.EXE C:\Programme\iTunes\iTunesHelper.exe C:\Programme\QuickTime\qttask.exe C:\Programme\SurfAccuracy\SAcc.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE C:\Programme\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe C:\Dokumente und Einstellungen\Sandra\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.yahoo.com/?.home=msgr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.yahoo.com/?.home=msgr R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.yahoo.com/?.home=msgr R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [StorageGuard] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -minimize O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [SurfAccuracy] C:\Programme\SurfAccuracy\SAcc.exe O4 - HKLM\..\Run: [IST Service] C:\Programme\ISTsvc\istsvc.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/0006_Crac*hier nicht!*.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EB8ED5B2-3EB0-439A-A4E9-51CAA1D43717}: NameServer = 10.190.1.1 O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe |
|
|
||
31.10.2005, 15:08
Ehrenmitglied
Beiträge: 29434 |
#156
Hallo@peter2309
öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [NI.UWFX5U_0001_LP] "C:\WINDOWS\Downloaded Program Files\UWFX5U_0001_LPNetInstaller.exe" O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm491YYDE O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/CursorManiaFWBInitialSetup1.0.0.15.cab PC neustarten KILLBOX http://virus-protect.org/killbox.html Delete File on Reboot -- anhaken reinkopieren: C:\WINDOWS\Downloaded Program Files\UWFX5U_0001_LPNetInstaller.exe und klicke auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "---- klicke auf "yes PC neustarten KILLBOX DelTree (include SubDirectories) Man will zum Beispiel einen Ordner löschen . Nun muss man nicht alle Dateien im Ordner einzeln eingeben, sondern klickt die Option DelTree (include subdirectories). Hierbei wird ein komplettes Archiv mitsamt der Unterordner gelöscht. C:\Programme\MyWebSearch C:\Programme\BearShare CCleaner (loesche alle temporaeren Dateien) http://virus-protect.org/temp.html scanne mit ewido http://virus-protect.org/ewido.html Counter spy http://virus-protect.org/counterspy.html Klicke: "Run a Spyware Scan Now" - nach dem Scan muss man sich entscheiden für: *Ignore *Remove *Quarantaine wähle immer Remove und starte den PC neu (dann kopiere den Scanreport ab und ins Sicherheitsforum) __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
31.10.2005, 15:14
Ehrenmitglied
Beiträge: 29434 |
#157
Hallo@Cornflakes
öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten O4 - HKLM\..\Run: [SurfAccuracy] C:\Programme\SurfAccuracy\SAcc.exe O4 - HKLM\..\Run: [IST Service] C:\Programme\ISTsvc\istsvc.exe O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/0006_Crac*hier nicht!*.cab PC neustarten KILLBOX DelTree (include SubDirectories) Man will zum Beispiel einen Ordner löschen . Nun muss man nicht alle Dateien im Ordner einzeln eingeben, sondern klickt die Option DelTree (include subdirectories). Hierbei wird ein komplettes Archiv mitsamt der Unterordner gelöscht. C:\Programme\ISTsvc C:\Programme\SurfAccuracy CCleaner (loesche alle temporaeren Dateien) http://virus-protect.org/temp.html lade und scanne : FxIstbar.exe.... (Entfernungstool fuer:Trojan-Downloader.Win32.IstBar) http://virus-protect.org/spyware2.html#Trojan-Downloader.Win32.IstBar scanne mit ewido http://virus-protect.org/ewido.html Counter spy http://virus-protect.org/counterspy.html Klicke: "Run a Spyware Scan Now" - nach dem Scan muss man sich entscheiden für: *Ignore *Remove *Quarantaine wähle immer Remove und starte den PC neu (dann kopiere den Scanreport ab und ins Sicherheitsforum) __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
31.10.2005, 16:46
Member
Beiträge: 39 |
#158
hallo sabina,
vielen dank für die super hilfe, selber hätte ich das nie geschafft, was man sich doch trotz mcafee firewall + virenscanner so alles einfängt. wie kann man sich noch besser vor solchen angriffen schützen? nochmals vielen dank gruß bohne __________ MfG Bohne Protecus Website |
|
|
||
31.10.2005, 17:43
Ehrenmitglied
Beiträge: 29434 |
#159
die_Bohne
- Eingeschränktes Benutzerkonto http://virus-protect.org/administrator.html - die WindowsUpdates alle geladen haben - bestimmte Seiten meiden -Microsoft Windows Antispy (den Guard aktivieren) http://virus-protect.org/ms.html - mit dem Browser Firefox surfen __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
31.10.2005, 22:00
...neu hier
Beiträge: 4 |
#160
Danke Sabine für die super Hilfe.
Hier mein Scanreport: Spyware Scan Details Start Date: 31.10.2005 20:38:28 End Date: 31.10.2005 20:57:48 Total Time: 19 mins 20 secs Detected spyware MyWebSearch Toolbar Toolbar more information... Details: WebSearch Toolbar is a customizable Internet Explorer search toolbar with various other tools. Status: Deleted Infected files detected c:\programme\funwebproducts\screensaver\cache\010416c3.swf c:\programme\funwebproducts\screensaver\cache\files.ini c:\programme\funwebproducts\screensaver\images\0103a02c.urr c:\programme\funwebproducts\screensaver\images\01040bc7.urr c:\programme\funwebproducts\screensaver\images\01042e62.dat c:\programme\funwebproducts\screensaver\images\01064694.dat c:\programme\funwebproducts\screensaver\images\wrkparam.lst c:\programme\funwebproducts\shared\004fd66a.dat c:\programme\funwebproducts\shared\cache\cursormaniabtn.html c:\programme\funwebproducts\shared\cache\funbuddyiconbtn.html c:\programme\funwebproducts\shared\cache\mailstampbtn.html c:\programme\funwebproducts\shared\cache\mystationerybtn.html c:\programme\funwebproducts\shared\cache\smileycentralbtn.html Infected registry entries detected HKEY_CURRENT_USER\SOFTWARE\MyWebSearch\bar HKEY_CURRENT_USER\SOFTWARE\MyWebSearch\bar MenuExtLabel &Search HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\ProgID FunWebProducts.IECookiesManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\VersionIndependentProgID FunWebProducts.IECookiesManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} IECookiesManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton\CLSID {8E6F1832-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton\CurVer FunWebProducts.PopSwatterBarButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton Bar Button Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\ProgID FunWebProducts.PopSwatterSettingsControl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\VersionIndependentProgID FunWebProducts.PopSwatterSettingsControl HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} Settings Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1\CLSID {8E6F1832-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1 Bar Button Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\ProgID FunWebProducts.HistoryKillerScheduler.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\VersionIndependentProgID FunWebProducts.HistoryKillerScheduler HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HistoryKillerScheduler Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler\CLSID {C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler\CurVer FunWebProducts.HistoryKillerScheduler.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler HistoryKillerScheduler Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1\CLSID {C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1 HistoryKillerScheduler Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1\CLSID {98D9753D-D73B-42D5-8C85-4469CDA897AB} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1 Fun Web Products HTML Menu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl\CLSID {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl\CurVer FunWebProducts.PopSwatterSettingsControl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl Settings Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\ProgID FunWebProducts.HistorySwatterControlBar.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\VersionIndependentProgID FunWebProducts.HistorySwatterControlBar HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} HistorySwatterControlBar Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1\CLSID {0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1 IECookiesManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} PopSwatter Server Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1\CLSID {ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1 My Web Search for Outlook HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1\CLSID {07B18EAB-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1 MyWebSearch Settings Plugin HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\ProgID FunWebProducts.KillerObjManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\VersionIndependentProgID FunWebProducts.KillerObjManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} KillerObjManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager\CLSID {0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager\CurVer FunWebProducts.IECookiesManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager IECookiesManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager\CLSID {B813095C-81C0-4E40-AA14-67520372B987} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager\CurVer FunWebProducts.KillerObjManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager KillerObjManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1\CLSID {CFF4CE82-3AA2-451F-9B77-7165605FB835} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1 HistorySwatterControlBar Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\ProgID FunWebProducts.PopSwatterBarButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\VersionIndependentProgID FunWebProducts.PopSwatterBarButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} Bar Button Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\ProgID MyWebSearchToolBar.SettingsPlugin.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\VersionIndependentProgID MyWebSearchToolBar.SettingsPlugin HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} MyWebSearch Settings HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\ProgID ScreenSaverControl.ScreenSaverInstaller.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\TypeLib {29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\VersionIndependentProgID ScreenSaverControl.ScreenSaverInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} ScreenSaverInstaller Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1\CLSID {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1 Settings Class HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin LoadBehavior 3 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar\CLSID {CFF4CE82-3AA2-451F-9B77-7165605FB835} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar\CurVer FunWebProducts.HistorySwatterControlBar.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar HistorySwatterControlBar Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA} mwsBar Installer2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu\CLSID {3DC201FB-E9C9-499C-A11F-23C360D7C3F8} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu\CurVer FunWebProducts.HTMLMenu.2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu Fun Web Products HTML Menu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2\CLSID {3DC201FB-E9C9-499C-A11F-23C360D7C3F8} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2 Fun Web Products HTML Menu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1\CLSID {B813095C-81C0-4E40-AA14-67520372B987} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1 KillerObjManager Class HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17} HKEY_CURRENT_USER\Software\MyWebSearch HKEY_CURRENT_USER\Software\MyWebSearch\bar MenuExtLabel &Search HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_CLASSES_ROOT\CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32 C:\WINDOWS\system32\shdocvw.dll HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag Url res://C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL/105 HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance CLSID {4D5C8C2A-D075-11d0-B416-00C04FB90376} HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} My Web Search Quick View HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3DTACTL.DLL HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus\1 132497 HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\TypeLib {C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} DataCtrl Class HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\M3HTML.DLL HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\ProgID MyWebSearch.HTMLPanel.1 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\TypeLib {3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\VersionIndependentProgID MyWebSearch.HTMLPanel HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} MyWebSearch HTML HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\ProgID MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\VersionIndependentProgID MyWebSearchToolBar.ToolbarPlugin HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\M3SKIN.DLL HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\ProgID MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\VersionIndependentProgID MyWebSearch.PseudoTransparentPlugin HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\M3SKIN.DLL HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} MyWebSearch Popup Menu Plugin HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179} HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17} HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179} HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HTTPCT.DLL HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\TypeLib {0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} HttpControl Class HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} IMyWebSearchSettings HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} _IMyWebSearchSettingsEvents HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} ICookie HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390} IHistoryKiller HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib {C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} _IDataCtrlEvents HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib {C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728} IDataCtrl HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} IKillerObjManager HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib {29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} IScreenSaverInstaller HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib {29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} IMonitorEvents HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib {E47CAEE0-DEEA-464A-9326-3F2801535A4D} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} IF3HTMLMenu HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} IIECookiesManager HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib {3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} IMyWebSearchHTMLPanel HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib {3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906} _IMyWebSearchHTMLPanelEvents HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} IFunWebProductsPopSwatterSettings HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} _IFunWebProductsPopSwatterSettingsEvents HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib {F42228FB-E84E-479E-B922-FBBD096E792C} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} IF3IMPlugin HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib {E47CAEE0-DEEA-464A-9326-3F2801535A4D} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} IF3PopupMenu HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchSkinSettings HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchPseudoTransparent HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchPopupMenu HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchSkinWindow HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} IHistoryKillerScheduler HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69} ICookiesCollection HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} _IIECookiesManagerEvents HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} ILargeStringDisp HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib {F42228FB-E84E-479E-B922-FBBD096E792C} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} IF3AIMContainer HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib {0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} IHttpControl HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib {0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} IHttpControlEvents HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} _IHistorySchedulerEvents HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel\CLSID {3E720452-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel\CurVer MyWebSearch.HTMLPanel.1 HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel MyWebSearch HTML Panel HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CLSID {7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CurVer MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1\CLSID {7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin\CLSID {53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin\CurVer MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1\CLSID {53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller\CLSID {9FF05104-B030-46FC-94B8-81276E4E27DF} HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller\CurVer ScreenSaverControl.ScreenSaverInstaller.1 HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller ScreenSaverInstaller Class HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1\CLSID {9FF05104-B030-46FC-94B8-81276E4E27DF} HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 ScreenSaverInstaller Class HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0 Toolbar 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3HTTPCT.DLL HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0 HttpControl 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0 ScreenSaverControl 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\M3HTML.DLL HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0 HTML 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\M3SKIN.DLL HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0 Skin 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0 HistoryKiller 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0 PopSwatter Control 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3DTACTL.DLL HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0 FWDataCtrl 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3HTMLMU.DLL HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0 F3HTMLMenu000 HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0 F3OEContainer000 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches incmail.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msimn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches outlook.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches waol.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches aim.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icq.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icqlite.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msmsgs.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msnmsgr.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches ypager.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches mwssrcas.dll 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Toolbar 07B18EA9-A523-4961-B6BB-170DE4475CCA HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 AppName MyWebSearch Email Plugin HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Path C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\CursorLoader Dir C:\Programme\FunWebProducts\Shared\ HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\MSNMessenger DLLFile F3REPROX.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\MSNMessenger DLLDir C:\Programme\MyWebSearch\bar\1.bin\ HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\ScreenSaver ImagesDir C:\Programme\FunWebProducts\ScreenSaver\Images\ HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\ScreenSaver PM efkfpetrqjgksgnteltlofgnoiiiiqkngkmimlfhsnfeogokhehfhghhhihjhkhlhmhnifigihiiijik HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\ScreenSaver ImagesFile 01040BC7.urr HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\ScreenSaver CacheDir C:\Programme\FunWebProducts\ScreenSaver\Cache\ HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn LastHTMLMenuURL http://www.funwebproducts.com/CursorChooser.html HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn HTMLMenuRevision 96 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn ETag "2473fa0-9125-435e748a" HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn LastHTMLMenuURL http://www.funwebproducts.com/BuddyIconChooser.html HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn HTMLMenuRevision 95 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn ETag "2473f9a-dcd1-433d9d9f" HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\MailStampBtn LastHTMLMenuURL http://www.mymailstamp.com/StampChooser.html?v=6 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\MailStampBtn HTMLMenuRevision 96 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\MailStampBtn ETag "fa0863-2976-42a9fa4d" HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn LastHTMLMenuURL http://www.funwebproducts.com/StationeryChooser.html?v=2 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn HTMLMenuRevision 96 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn ETag "2473f96-29fa-4332e45d" HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos BuddyTextNone.numActive 1 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos BuddyTextNone.0 Your buddy has a new Buddy Icon. @LTEXT0@Take a look!@LTEXT1@ @LINK0@http://buddies.funbuddyicons.com/@LINK1@ HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos BuddyFreqNone -1|1|0|0|0|0|0|0|0|0|1 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos BuddyTextUninstalled.numActive 1 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos BuddyTextUninstalled.0 Your buddy has a new Buddy Icon. @LTEXT0@Take a look!@LTEXT1@ @LINK0@http://buddies.funbuddyicons.com/@LINK1@ HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos BuddyFreqUninstalled -1|1|0|0|0|0|0|0|0|0|1 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.numActive 1 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.numActive2 2 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.1 You just received a smiley! Go to @LINK@ to see it! HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.2 Your friend has sent you a Talking Smiley. Click: @LINK@ HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn LastHTMLMenuURL http://www.mywebface.com/menus/SmileyChooser_de.html.gz HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn HTMLMenuRevision 96 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn ETag "25953b8-18f6c-435e61d1" HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn icqlite.exe.pos -414,-112 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn firefox.exe.pos 0,0 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn msnmsgr.exe.pos 0,0 HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products JpegConversionLib C:\Programme\MyWebSearch\bar\1.bin\F3CJPEG.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products CacheDir C:\Programme\FunWebProducts\Shared\Cache\ HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer Dir C:\Programme\FunWebProducts\Installr\ HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CurInstall 1 HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer sr 0 HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer pl 7 HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CheckForConnection 1 HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CacheDir C:\Programme\FunWebProducts\Installr\Cache\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin LoadBehavior 3 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin LoadBehavior 3 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform FunWebProducts PriceBandit Low Risk Adware more information... Details: It is an adware program that creates advertisments on your PC. Status: Deleted FunWebProducts Adware Bundler more information... Details: Fun Web Products bundles adware software in its products. Status: Deleted Infected files detected c:\programme\funwebproducts\shared\cache\cursormaniabtn.html c:\programme\funwebproducts\shared\cache\smileycentralbtn.html C:\!KillBox\bar\1.bin\F3BKGERR.JPG C:\!KillBox\bar\1.bin\F3SPACER.WMV C:\!KillBox\bar\1.bin\M3FFXTBR.JAR C:\!KillBox\bar\1.bin\M3NTSTBR.JAR C:\!KillBox\bar\Cache\004E4376.bin C:\!KillBox\bar\Cache\004E4CBD.bin C:\!KillBox\bar\Cache\004E5057.bin C:\!KillBox\bar\Game\CHECKERS.F3S C:\!KillBox\bar\Game\CHESS.F3S C:\!KillBox\bar\Game\REVERSI.F3S C:\Programme\Mozilla Firefox\chrome\m3ffxtbr.jar Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform FunWebProducts HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance CLSID {4D5C8C2A-D075-11d0-B416-00C04FB90376} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag Url res://C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL/105 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches ypager.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msnmsgr.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icqlite.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icq.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches aim.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches waol.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches outlook.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msimn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches incmail.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Path C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 AppName MyWebSearch Email Plugin HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Toolbar 07B18EA9-A523-4961-B6BB-170DE4475CCA HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\MSNMessenger DLLFile F3REPROX.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn LastHTMLMenuURL http://www.funwebproducts.com/CursorChooser.html HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.1 You just received a smiley! Go to @LINK@ to see it! HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.numActive 1 HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CheckForConnection 1 HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer sr 0 HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CurInstall 1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin LoadBehavior 3 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin LoadBehavior 3 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall UrlInfoAbout http://www.funwebproducts.com/eula/ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall Publisher My Web Search HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall HelpLink http://help.mywebsearch.com/ HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar Visible 1 HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar sr 0 HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar CurInstall 1 HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEMON Version 1,2,2,2 HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG StandardSmileyDir.AIM http://aimexpress.aim.com/v1_7/gz/aimcom/images/smilies/ HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG\Promo Yahoo.2.old You just received a smiley! Go to @LINK@ to see it! HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG\Promo Yahoo.1.old Your buddy sent you a smiley! Go to @LINK@ to see it! HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG\Promo Yahoo.0.old You just received a smiley! Want to see it? Go to @LINK@ HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG\Promo Yahoo.numActive 5 BearShare P2P more information... Details: BearShare is a file sharing network. The free version installs a number of known spyware and adware programs. Status: Deleted Infected registry entries detected HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905} HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\0\win32 C:\Programme\BearShare\RunMSC.dll HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\HELPDIR C:\Programme\BearShare\ HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0 RunMSC 1.0 Type Library HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905} HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\0\win32 C:\Programme\BearShare\RunMSC.dll HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\HELPDIR C:\Programme\BearShare\ HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0 RunMSC 1.0 Type Library My Way Speedbar Browser Plug-in more information... Details: MyWay Speedbar is a search toolbar that installs into Internet Explorer and Netscape Navigator, adding search functions and popup blocking. Status: Deleted Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179} WhenU.SaveNow Adware more information... Details: an advertising application that displays pop-up advertising on the desktop in response to users' surfing behavior. Status: Deleted Infected registry entries detected HKEY_LOCAL_MACHINE\software\classes\runmsc.loader.1\clsid HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\clsid HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\curver HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\curver RunMSC.Loader.1 misc.winsoftware.winfixer Misc more information... Details: Typically part of a bundle attack, WinFixer is a disabled, data repair utility that nags the user to purchase. Status: Deleted Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware HKEY_LOCAL_MACH |
|
|
||
01.11.2005, 00:36
Ehrenmitglied
Beiträge: 29434 |
#161
Peter2309
der PLatz hat nicht gereicht.... scanne noch mal und poste das neue Log vom Counterspy und berichte, ob die PopUps weg sind Zitat das haette mich interessiert....schade...der Platz hat nicht mehr gereicht...... __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
01.11.2005, 11:05
...neu hier
Beiträge: 3 |
#162
Hi Sabina!
Ich hoffe, Du kannst auch mir helfen. Habe mir auch diesen WinFixer 2005 eingefangen. Dieser will immer installieren - stört mich wenig. Aber ich kann weder E-mails empfangen noch senden. Bitte um Hilfe - habe als Computerlaie schon alles probiert - mich wundert, dass er noch funkt. Mit besten Dank im vorraus Verena Logfile of HijackThis v1.99.1 Scan saved at 11:05:41, on 01.11.2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\WINNT\System32\svchost.exe C:\Programme\Norton Internet Security\ISSVC.exe C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINNT\system32\nvsvc32.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINNT\system32\stisvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINNT\system32\ZoneLabs\vsmon.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINNT\explorer.exe C:\WINNT\system32\sstray.exe C:\WINNT\TWAIN_32\D66U\D066UUTY.EXE C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb01.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\BearShare\BearShare.exe C:\Programme\Winamp\winampa.exe C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe C:\WINNT\system32\internat.exe C:\WINNT\system32\RUNDLL32.EXE C:\Programme\MSN Messenger\MsnMsgr.Exe C:\Programme\Logitech\SetPoint\KEM.exe C:\Programme\Microsoft Office\Office\1031\OLFSNT40.EXE C:\Programme\Logitech\SetPoint\KHALMNPR.EXE C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NSMdtr.exe C:\Dokumente und Einstellungen\.....\Eigene Dateien\Emails\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.telering.at R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.de.netscape.com/keyword/%s R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll F2 - REG:system.ini: Shell=explorer.exe winuser32.exe O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Programme\MySearch\bar\1.bin\S4BAR.DLL O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: My &Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Programme\MySearch\bar\1.bin\S4BAR.DLL O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programme\Gemeinsame Dateien\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [D066UUtility] C:\WINNT\TWAIN_32\D66U\D066UUTY.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb01.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [BearShare] "C:\Programme\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [NI.UWFX5U_0001_LP] "C:\WINNT\Downloaded Program Files\UWFX5U_0001_LPNetInstaller.exe" O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition-Anschluss.lnk = C:\Programme\Microsoft Office\Office\1031\OLFSNT40.EXE O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O14 - IERESET.INF: START_PAGE_URL=http://www.telering.at O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/inflaterball/miniclipGameLoader.dll O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup/downloader_sp1/imloader.cab O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Guard NT - Unknown owner - C:\Ikarus\GuardNT\GuardNT.exe (file missing) O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programme\Norton Internet Security\ISSVC.exe O23 - Service: Microsoft NetWork FireWall Services - Unknown owner - NetServices.exe (file missing) O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe O23 - Service: PSEXESVC - Unknown owner - C:\WINNT\System32\PSEXESVC.EXE (file missing) O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe |
|
|
||
01.11.2005, 12:33
Ehrenmitglied
Beiträge: 29434 |
#163
Hallo@VerenaP
F2 - REG:system.ini: Shell=explorer.exe winuser32.exe http://sandbox.norman.no/live_4.html WINUSER32.EXE --> lade die exe hoch und poste, was angezeigt wird Zitat W32/Sdbot-HT ist ein Wurm, der versucht, sich auf remote Netzwerkfreigaben zu verbreiten. Er enthält außerdem eine Backdoor-Trojaner-Funktion, die unbefugten Fernzugriff auf den infizierten Computer via IRC-Kanälen ermöglicht, während er als Dienstprozess im Hintergrund aktiv ist.http://www.sophos.de/virusinfo/analyses/w32sdbotht.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
01.11.2005, 13:20
...neu hier
Beiträge: 4 |
#164
Hallo Sabina,die PopUs sind weg.
Hier ist mein Log von CounterSpy: Spyware Scan Details Start Date: 01.11.2005 12:38:09 End Date: 01.11.2005 13:06:28 Total Time: 28 mins 19 secs Detected spyware DoubleClick Cookie more information... Details: DoubleClick is a popular ad serving network that uses spyware cookies, to target advertising. Status: Deleted Infected cookies detected d:\dokumente und einstellungen\peter u.nd mira\cookies\peter u.nd mira@doubleclick[1].txt gruß Peter |
|
|
||
01.11.2005, 13:25
Ehrenmitglied
Beiträge: 29434 |
#165
Peter2309
fein kleiner Tipp: fuer die Zukunft http://virus-protect.org/administrator.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
Danke für die super Hilfe...habe mein System nun wieder absolut sauber...
CC Cleaner und der Ewido Security Suite hat mein System aufgeräumt...