Wie kann ich SpySheriff, NDotNEt und Spayware.MArketscore löschen? |
||
---|---|---|
#0
| ||
24.11.2006, 20:23
...neu hier
Beiträge: 6 |
||
|
||
24.11.2006, 22:15
Ehrenmitglied
Beiträge: 29434 |
#2
Sayf
1. LSPfix http://www.spychecker.com/program/lspfix.html - hake an: "I know what Im doing" -- Remove - und loesche die newdotnet7_22.dll (eventuell musst du die dll von links nach rechts bringen) + Remove 2. poste bitte dieses log http://virus-protect.org/artikel/tools/combofix.html 3. wende Cleanup an http://virus-protect.org/cleanup.html 4. Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint Zitat cd\ __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
24.11.2006, 23:10
...neu hier
Themenstarter Beiträge: 6 |
#3
Hallo Sabina!
Vielen vielen Dank für die schnelle Antwort hier die log von combofix: walid - 06-11-24 23:02:38,46 Service Pack 2 ComboFix 06.11.22 - Running from: "C:\Dokumente und Einstellungen\walid\Desktop" ((((((((((((((((((((((((((((((( Files Created from 2006-10-24 to 2006-11-24 )))))))))))))))))))))))))))))))))) 2006-11-24 21:13 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe 2006-11-24 19:22 <DIR> d-------- C:\Programme\CleanUp! 2006-11-24 09:08 <DIR> d-------- C:\Programme\Gemeinsame Dateien\iS3 2006-11-24 09:08 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ZILLAbar 2006-11-24 09:08 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\STOPzilla! 2006-11-24 02:22 <DIR> d-------- C:\Programme\SPYWAREfighter 2006-11-24 02:18 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Google 2006-11-24 02:17 <DIR> d-------- C:\Programme\Spyware Doctor 2006-11-24 02:17 <DIR> d-------- C:\Programme\Google 2006-11-24 02:17 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google 2006-11-24 02:13 <DIR> d-------- C:\Programme\MalwareWiper 2006-11-24 02:01 <DIR> d-------- C:\Programme\Antivirus-Golden 2006-11-24 01:45 <DIR> d-------- C:\Program Files 2006-11-24 00:33 77,824 --a------ C:\WINDOWS\system32\dcvwaah.dll 2006-11-24 00:33 <DIR> d-------- C:\Programme\Virus-Bursters 2006-11-24 00:32 <DIR> d-------- C:\Programme\Gold Codec 2006-11-22 17:26 <DIR> d-------- C:\Programme\Macrogaming 2006-11-22 03:26 28,672 --a------ C:\WINDOWS\system32\f3PSSavr.scr 2006-11-22 03:26 <DIR> d-------- C:\Programme\MyWebSearch 2006-11-22 03:25 315,392 --a------ C:\WINDOWS\system32\rlls.dll 2006-11-22 03:25 <DIR> d-------- C:\Programme\FunWebProducts 2006-11-22 03:23 183,296 --a-s---- C:\WINDOWS\NDNuninstall7_22.exe 2006-11-22 03:22 1,429,504 --a------ C:\WINDOWS\system32\rlvknlg.exe 2006-11-22 03:21 8,464 --a------ C:\WINDOWS\system32\sporder.dll 2006-11-22 03:21 <DIR> d-a-s---- C:\Programme\NewDotNet 2006-11-19 13:27 178,408 --a------ C:\WINDOWS\system32\muweb.dll 2006-11-19 13:27 128,232 --a------ C:\WINDOWS\system32\mucltui.dll 2006-11-18 15:05 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Live Toolbar 2006-11-18 15:04 <DIR> d-------- C:\Programme\Windows Live Toolbar 2006-11-18 15:03 <DIR> d-------- C:\Programme\MSN Messenger 2006-11-16 00:06 <DIR> d-------- C:\WINDOWS\SxsCaPendDel 2006-11-14 20:08 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2006-11-13 22:28 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\MSNInstaller 2006-11-12 03:00 <DIR> d-------- C:\Programme\WinRAR 2006-11-12 01:38 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Contacts 2006-11-11 05:46 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Nokia Multimedia Player 2006-11-10 14:55 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Nokia 2006-11-10 14:55 <DIR> d-------- C:\Programme\DIFX 2006-11-10 14:54 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite 2006-11-08 21:49 <DIR> d-------- C:\WINDOWS\WBEM 2006-11-08 21:49 <DIR> d-------- C:\WINDOWS\system32\de-de 2006-11-08 21:46 <DIR> d--h-c--- C:\WINDOWS\ie7 2006-11-08 21:44 121,856 --------- C:\WINDOWS\system32\xmllite.dll 2006-11-08 21:43 <DIR> d-------- C:\WINDOWS\network diagnostic 2006-11-08 21:39 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage 2006-11-08 20:57 <DIR> d-------- C:\Programme\SymNetDrv 2006-11-06 00:51 <DIR> d-------- C:\Dokumente und Einstellungen\walid\runtime-EclipseApplication 2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll 2006-10-31 23:55 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\CyberLink 2006-10-29 20:43 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Phone Browser 2006-10-29 20:43 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Nokia 2006-10-29 20:43 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\DataLayer 2006-10-29 20:35 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2006-10-29 20:35 <DIR> d-------- C:\Programme\Nokia 2006-10-29 20:35 <DIR> d-------- C:\Programme\Gemeinsame Dateien\PCSuite 2006-10-29 20:35 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\PC Suite 2006-10-29 20:34 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations 2006-10-27 15:09 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll 2006-10-27 15:09 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll 2006-10-27 15:09 458,752 --------- C:\WINDOWS\system32\msfeeds.dll 2006-10-27 15:09 180,736 --------- C:\WINDOWS\system32\ieui.dll 2006-10-27 02:44 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe 2006-10-24 10:17 48,424 --a------ C:\WINDOWS\system32\sirenacm.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-11-24 21:17 -------- d-------- C:\Programme\Gemeinsame Dateien 2006-11-24 21:11 869 --a------ C:\Dokumente und Einstellungen\walid\Anwendungsdaten\AdobeDLM.log 2006-11-24 21:11 0 --a------ C:\Dokumente und Einstellungen\walid\Anwendungsdaten\dm.ini 2006-11-24 21:11 -------- d-------- C:\Programme\Adobe 2006-11-24 21:03 -------- d-------- C:\Programme\Gemeinsame Dateien\Adobe 2006-11-24 00:43 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Skype 2006-11-23 23:12 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\AdobeUM 2006-11-22 17:26 -------- d---s---- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Microsoft 2006-11-22 03:26 -------- d-------- C:\Programme\Internet Explorer 2006-11-19 17:47 -------- d-------- C:\Programme\Gemeinsame Dateien\Symantec Shared 2006-11-18 15:00 -------- d-------- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2006-11-13 22:28 -------- d-------- C:\Programme\MSN 2006-11-08 20:59 -------- d-------- C:\Programme\Norton AntiVirus 2006-11-08 20:58 -------- d-------- C:\Programme\Symantec 2006-10-27 15:09 413696 --a------ C:\WINDOWS\system32\vbscript.dll 2006-10-27 15:09 231424 --a------ C:\WINDOWS\system32\webcheck.dll 2006-10-27 15:09 156160 --a------ C:\WINDOWS\system32\msls31.dll 2006-10-27 02:44 71680 --a------ C:\WINDOWS\system32\admparse.dll 2006-10-27 02:44 55296 --a------ C:\WINDOWS\system32\iesetup.dll 2006-10-27 02:44 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe 2006-10-27 02:44 43008 --a------ C:\WINDOWS\system32\iernonce.dll 2006-10-27 02:44 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll 2006-10-27 02:44 229376 --a------ C:\WINDOWS\system32\ieaksie.dll 2006-10-27 02:44 152064 --a------ C:\WINDOWS\system32\ieakeng.dll 2006-10-27 02:44 123904 --a------ C:\WINDOWS\system32\advpack.dll 2006-10-27 02:42 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2006-10-17 13:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll 2006-10-17 13:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll 2006-10-17 13:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe 2006-10-17 13:05 105984 --a------ C:\WINDOWS\system32\url.dll 2006-10-17 13:04 101376 --a------ C:\WINDOWS\system32\occache.dll 2006-10-17 13:03 17408 --a------ C:\WINDOWS\system32\corpol.dll 2006-10-17 12:58 61952 --------- C:\WINDOWS\system32\icardie.dll 2006-10-17 12:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe 2006-10-17 12:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll 2006-10-17 12:57 266752 --------- C:\WINDOWS\system32\iertutil.dll 2006-10-17 12:56 45568 --a------ C:\WINDOWS\system32\mshta.exe 2006-10-17 12:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll 2006-10-17 12:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll 2006-10-14 23:56 -------- d-------- C:\Programme\Windows Media Player 2006-10-14 23:56 -------- d-------- C:\Programme\Messenger 2006-10-14 23:52 -------- d-------- C:\Programme\Outlook Express 2006-10-14 23:52 -------- d-------- C:\Programme\Gemeinsame Dateien\System 2006-10-14 22:52 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Macromedia 2006-10-14 19:53 -------- d-------- C:\Programme\Microsoft.NET 2006-10-14 19:51 -------- d-------- C:\Programme\Microsoft Office 2006-10-14 19:51 -------- d-------- C:\Programme\Gemeinsame Dateien\DESIGNER 2006-10-13 13:35 146432 --a------ C:\WINDOWS\system32\nwprovau.dll 2006-10-12 19:24 -------- d-------- C:\Programme\Canon 2006-10-08 20:34 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Adobe 2006-10-08 14:22 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Real 2006-10-08 14:21 -------- d-------- C:\Programme\Gemeinsame Dateien\xing shared 2006-10-08 14:21 -------- d-------- C:\Programme\Gemeinsame Dateien\Real 2006-10-08 14:20 -------- d-------- C:\Programme\Real 2006-10-08 10:56 -------- d-------- C:\Programme\Skype 2006-10-08 00:53 -------- d-------- C:\Programme\Hewlett-Packard 2006-10-07 23:24 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Symantec 2006-10-07 23:22 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Samsung Electronics 2006-10-07 23:22 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Help 2006-10-07 23:19 -------- d--h----- C:\Programme\InstallShield Installation Information 2006-10-07 23:19 -------- d-------- C:\Programme\Samsung 2006-10-07 23:14 -------- d-------- C:\Programme\CyberLink 2006-10-07 23:13 -------- d-------- C:\Programme\Ahead 2006-10-07 23:12 -------- d-------- C:\Programme\Gemeinsame Dateien\Ahead 2006-10-07 23:08 -------- d-------- C:\Programme\PIC 2006-10-07 23:07 -------- d-------- C:\Programme\MSXML 4.0 2006-10-07 23:06 -------- d-------- C:\Programme\Gemeinsame Dateien\InstallShield 2006-10-07 23:05 -------- d-------- C:\Programme\Synaptics 2006-10-07 23:05 -------- d-------- C:\Programme\SRS Labs 2006-10-07 23:05 -------- d-------- C:\Programme\ltmoh 2006-10-07 23:04 -------- d-------- C:\Programme\Analog Devices 2006-10-07 23:03 -------- d-------- C:\Programme\Intel 2006-10-07 23:02 -------- d-------- C:\Programme\ATI Technologies 2006-10-07 20:34 -------- d-------- C:\Programme\MATLAB 2006-10-07 20:17 -------- d--h----- C:\Programme\Uninstall Information 2006-10-07 20:17 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Identities 2006-10-07 20:15 -------- d-------- C:\Programme\Java 2006-10-07 20:15 -------- d-------- C:\Programme\Gemeinsame Dateien\Java 2006-10-07 20:09 62 --ahs---- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\desktop.ini 2006-10-07 20:09 -------- d-------- C:\Programme\Gemeinsame Dateien\SpeechEngines 2006-10-07 20:09 -------- d-------- C:\Programme\Gemeinsame Dateien\ODBC 2006-10-07 20:05 -------- d-------- C:\Programme\xerox 2006-10-07 20:05 -------- d-------- C:\Programme\microsoft frontpage 2006-10-07 20:04 0 -rahs---- C:\MSDOS.SYS 2006-10-07 20:04 0 -rahs---- C:\IO.SYS 2006-10-07 20:04 0 --a------ C:\CONFIG.SYS 2006-10-07 20:04 0 --a------ C:\AUTOEXEC.BAT 2006-10-07 20:03 -------- d--h----- C:\Programme\WindowsUpdate 2006-10-07 20:03 -------- d-------- C:\Programme\Online-Dienste 2006-10-07 20:02 -------- d-------- C:\Programme\NetMeeting 2006-10-07 20:02 -------- d-------- C:\Programme\Movie Maker 2006-10-07 20:02 -------- d-------- C:\Programme\Gemeinsame Dateien\MSSoap 2006-10-07 20:02 -------- d-------- C:\Programme\Gemeinsame Dateien\Dienste 2006-10-07 20:01 -------- d-------- C:\Programme\ComPlus Applications 2006-10-07 20:00 -------- d-------- C:\Programme\Windows NT 2006-10-07 20:00 -------- d-------- C:\Programme\Online Services 2006-10-07 20:00 -------- d-------- C:\Programme\MSN Gaming Zone 2006-09-15 22:52 91904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2006-09-13 06:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll 2006-09-06 17:42 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2006-08-25 16:46 617472 --a------ C:\WINDOWS\system32\comctl32.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MsnMsgr"="~\"C:\\Programme\\MSN Messenger\\MsnMsgr.Exe\" /background" "MyWebSearch Email Plugin"="C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\mwsoemon.exe" "SweetIM"="C:\\Programme\\Macrogaming\\SweetIM\\SweetIM.exe" "swg"="C:\\Programme\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="C:\\Programme\\Java\\jre1.5.0\\bin\\jusched.exe" "ATIPTA"="\"C:\\Programme\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\"" "SoundMAXPnP"="C:\\Programme\\Analog Devices\\SoundMAX\\SMax4PNP.exe" "SoundMAX"="C:\\Programme\\Analog Devices\\SoundMAX\\Smax4.exe /tray" "SynTPLpr"="C:\\Programme\\Synaptics\\SynTP\\SynTPLpr.exe" "SynTPEnh"="C:\\Programme\\Synaptics\\SynTP\\SynTPEnh.exe" "AGRSMMSG"="AGRSMMSG.exe" "LtMoh"="C:\\Programme\\ltmoh\\Ltmoh.exe" "MagicKeyboard"="C:\\Programme\\SAMSUNG\\MagicKBD\\PreMKBD.exe" "AVStation premium"="\"C:\\Programme\\Samsung\\AVStation premium\\bin\\AVStation agent.exe\"" "BatteryManager"="C:\\Programme\\Samsung\\Samsung Battery Manager\\BatteryManager.exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "RemoteControl"="C:\\Programme\\CyberLink\\PowerDVD\\PDVDServ.exe" "ccApp"="\"C:\\Programme\\Gemeinsame Dateien\\Symantec Shared\\ccApp.exe\"" "SamsungPIC"="C:\\Programme\\Samsung\\Samsung Command Center\\PIC_UI.exe" "TkBellExe"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot" "Easy-PrintToolBox"="C:\\Programme\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon" "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer" "PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup" "New.net Startup"="rundll32 C:\\PROGRA~1\\NEWDOT~1\\NEWDOT~2.DLL,ClientStartup -s" "My Web Search Bar Search Scope Monitor"="\"C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\m3SrchMn.exe\" /m=0" "MyWebSearch Email Plugin"="C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\mwsoemon.exe" "SweetIM"="C:\\Programme\\Macrogaming\\SweetIM\\SweetIM.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000004 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Die derzeitige Homepage" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Norton AntiVirus - Meinen Computer prfen - walid.job Completion time: 06-11-24 23:03:05.92 C:\ComboFix.txt ... 06-11-24 23:03 C:\ComboFix2.txt ... 06-11-24 23:00 ...und hier der Text aus listen.bat nachdem ich Cleanup angewendet habe: Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\WINDOWS\Downloaded Program Files 14.07.2005 17:28 365 f3initialsetup1.0.0.15.inf 09.11.2006 14:36 5.019 swflash.inf 2 Datei(en) 5.384 Bytes 0 Verzeichnis(se), 35.193.417.728 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Programme Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Dokumente und Einstellungen\walid 24.11.2006 19:40 <DIR> . 24.11.2006 19:40 <DIR> .. 24.10.2006 17:43 155 .appletviewer 07.10.2006 23:35 <DIR> Application Data 13.11.2006 20:07 <DIR> Contacts 24.11.2006 23:20 <DIR> Desktop 24.11.2006 00:00 <DIR> Eigene Dateien 24.11.2006 00:33 <DIR> Favoriten 29.10.2006 21:32 <DIR> Phone Browser 06.11.2006 00:51 <DIR> runtime-EclipseApplication 24.11.2006 10:02 <DIR> Startmen 23.11.2006 23:05 <DIR> workspace 1 Datei(en) 155 Bytes 11 Verzeichnis(se), 35.193.413.632 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Dokumente und Einstellungen\walid\Eigene Dateien 24.11.2006 00:00 <DIR> . 24.11.2006 00:00 <DIR> .. 07.10.2006 23:09 <DIR> AVStation Premium 10.10.2006 12:29 <DIR> CyberLink 22.11.2006 23:26 <DIR> Eigene Bilder 08.10.2006 20:34 <DIR> Eigene eBooks 19.11.2006 21:33 <DIR> Eigene Musik 18.11.2006 22:12 <DIR> Eigene Videos 24.11.2006 10:04 597 Meine freigegebenen Ordner.lnk 12.11.2006 03:40 <DIR> My Skype Pictures 22.11.2006 23:59 <DIR> Privat 15.11.2006 19:38 <DIR> Wissam 1 Datei(en) 597 Bytes 11 Verzeichnis(se), 35.193.413.632 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Program Files 24.11.2006 01:45 <DIR> . 24.11.2006 01:45 <DIR> .. 24.11.2006 02:44 <DIR> PestTrap 0 Datei(en) 0 Bytes 3 Verzeichnis(se), 35.193.413.632 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Dokumente und Einstellungen\walid\Lokale Einstellungen\Temporary Internet Files\Content.IE5 24.11.2006 23:15 245.760 index.dat 1 Datei(en) 245.760 Bytes 0 Verzeichnis(se), 35.193.413.632 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Dokumente und Einstellungen\walid\Lokale Einstellungen\Temp 24.11.2006 23:15 <DIR> . 24.11.2006 23:15 <DIR> .. 24.11.2006 21:19 426 Acr6F09.tmp 24.11.2006 21:19 426 Acr6F0A.tmp 24.11.2006 23:15 0 JETDCB1.tmp 24.11.2006 23:15 0 JETDD8C.tmp 24.11.2006 23:15 206 jusched.log 24.11.2006 23:15 0 PICLog.log 6 Datei(en) 1.058 Bytes 2 Verzeichnis(se), 35.193.413.632 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\WINDOWS\Temp 24.11.2006 23:15 <DIR> . 24.11.2006 23:15 <DIR> .. 0 Datei(en) 0 Bytes 2 Verzeichnis(se), 35.193.413.632 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\ Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Programme 24.11.2006 23:15 <DIR> . 24.11.2006 23:15 <DIR> .. 24.11.2006 21:11 <DIR> Adobe 07.10.2006 23:13 <DIR> Ahead 07.10.2006 23:04 <DIR> Analog Devices 24.11.2006 02:40 <DIR> Antivirus-Golden 07.10.2006 23:02 <DIR> ATI Technologies 12.10.2006 19:24 <DIR> Canon 24.11.2006 19:22 <DIR> CleanUp! 07.10.2006 20:01 <DIR> ComPlus Applications 07.10.2006 23:14 <DIR> CyberLink 16.11.2006 00:15 <DIR> DIFX 22.11.2006 05:19 <DIR> FunWebProducts 24.11.2006 23:15 <DIR> Gemeinsame Dateien 24.11.2006 09:12 <DIR> Gold Codec 24.11.2006 02:19 <DIR> Google 08.10.2006 00:53 <DIR> Hewlett-Packard 07.10.2006 23:03 <DIR> Intel 22.11.2006 03:26 <DIR> Internet Explorer 07.10.2006 20:15 <DIR> Java 07.10.2006 23:05 <DIR> ltmoh 22.11.2006 17:26 <DIR> Macrogaming 24.11.2006 10:02 <DIR> MalwareWiper 07.10.2006 20:34 <DIR> MATLAB 14.10.2006 23:56 <DIR> Messenger 07.10.2006 20:05 <DIR> microsoft frontpage 14.10.2006 19:51 <DIR> Microsoft Office 14.10.2006 19:53 <DIR> Microsoft.NET 07.10.2006 20:02 <DIR> Movie Maker 13.11.2006 22:28 <DIR> MSN 07.10.2006 20:00 <DIR> MSN Gaming Zone 23.11.2006 01:00 <DIR> MSN Messenger 07.10.2006 23:07 <DIR> MSXML 4.0 22.11.2006 03:26 <DIR> MyWebSearch 07.10.2006 20:02 <DIR> NetMeeting 10.11.2006 14:55 <DIR> Nokia 08.11.2006 20:59 <DIR> Norton AntiVirus 07.10.2006 20:00 <DIR> Online Services 07.10.2006 20:03 <DIR> Online-Dienste 14.10.2006 23:52 <DIR> Outlook Express 07.10.2006 23:08 <DIR> PIC 08.10.2006 14:20 <DIR> Real 07.10.2006 23:19 <DIR> Samsung 08.10.2006 10:56 <DIR> Skype 24.11.2006 09:57 <DIR> Spyware Doctor 24.11.2006 08:50 <DIR> SPYWAREfighter 07.10.2006 23:05 <DIR> SRS Labs 08.11.2006 20:58 <DIR> Symantec 08.11.2006 20:57 <DIR> SymNetDrv 07.10.2006 23:05 <DIR> Synaptics 24.11.2006 02:44 <DIR> Virus-Bursters 23.11.2006 00:37 <DIR> Windows Live Toolbar 14.10.2006 23:56 <DIR> Windows Media Player 07.10.2006 20:00 <DIR> Windows NT 12.11.2006 03:00 <DIR> WinRAR 07.10.2006 20:05 <DIR> xerox 0 Datei(en) 0 Bytes 56 Verzeichnis(se), 35.193.409.536 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Dokumente und Einstellungen\walid\Lokale Einstellungen\Anwendungsdaten 24.11.2006 21:18 <DIR> Adobe 14.10.2006 20:01 <DIR> Ahead 22.11.2006 23:59 47.104 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 19.10.2006 23:17 42.168 GDIPFONTCACHEV1.DAT 08.10.2006 14:21 <DIR> Google 07.10.2006 23:22 <DIR> Help 14.11.2006 23:06 <DIR> Microsoft 07.10.2006 20:15 <DIR> {3248F0A6-6813-11D6-A77B-00B0D0150000} 2 Datei(en) 89.272 Bytes 6 Verzeichnis(se), 35.193.409.536 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Dokumente und Einstellungen\walid\Anwendungsdaten 08.10.2006 20:34 <DIR> Adobe 24.11.2006 21:11 869 AdobeDLM.log 23.11.2006 23:12 <DIR> AdobeUM 31.10.2006 23:55 <DIR> CyberLink 29.10.2006 20:43 <DIR> DataLayer 24.11.2006 21:11 0 dm.ini 24.11.2006 02:32 <DIR> Google 07.10.2006 23:22 <DIR> Help 07.10.2006 20:17 <DIR> Identities 14.10.2006 22:52 <DIR> Macromedia 13.11.2006 22:28 <DIR> MSNInstaller 29.10.2006 20:43 <DIR> Nokia 11.11.2006 05:46 <DIR> Nokia Multimedia Player 10.11.2006 14:58 <DIR> PC Suite 08.10.2006 14:22 <DIR> Real 07.10.2006 23:22 <DIR> Samsung Electronics 24.11.2006 00:43 <DIR> Skype 07.10.2006 23:24 <DIR> Symantec 2 Datei(en) 869 Bytes 16 Verzeichnis(se), 35.193.405.440 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten 24.11.2006 21:13 <DIR> Adobe 07.10.2006 23:14 <DIR> CyberLink 10.11.2006 14:54 <DIR> Downloaded Installations 24.11.2006 02:17 <DIR> Google 10.11.2006 14:58 <DIR> PC Suite 07.10.2006 23:22 <DIR> Samsung Electronics 24.11.2006 09:50 <DIR> STOPzilla! 07.10.2006 23:22 <DIR> Symantec 08.11.2006 21:39 <DIR> Windows Genuine Advantage 18.11.2006 15:05 <DIR> Windows Live Toolbar 24.11.2006 09:19 <DIR> ZILLAbar 0 Datei(en) 0 Bytes 11 Verzeichnis(se), 35.193.405.440 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Programme\Gemeinsame Dateien 24.11.2006 23:15 <DIR> . 24.11.2006 23:15 <DIR> .. 24.11.2006 21:03 <DIR> Adobe 07.10.2006 23:12 <DIR> Ahead 14.10.2006 19:51 <DIR> DESIGNER 07.10.2006 20:02 <DIR> Dienste 07.10.2006 23:06 <DIR> InstallShield 24.11.2006 09:08 <DIR> iS3 07.10.2006 20:15 <DIR> Java 18.11.2006 15:00 <DIR> Microsoft Shared 07.10.2006 20:02 <DIR> MSSoap 10.11.2006 14:55 <DIR> Nokia 07.10.2006 20:09 <DIR> ODBC 10.11.2006 14:55 <DIR> PCSuite 08.10.2006 14:21 <DIR> Real 07.10.2006 20:09 <DIR> SpeechEngines 19.11.2006 17:47 <DIR> Symantec Shared 14.10.2006 23:52 <DIR> System 08.10.2006 14:21 <DIR> xing shared 0 Datei(en) 0 Bytes 19 Verzeichnis(se), 35.193.405.440 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\Windows\tasks 24.11.2006 20:00 568 Norton AntiVirus - Meinen Computer prfen - walid.job 1 Datei(en) 568 Bytes 0 Verzeichnis(se), 35.193.405.440 Bytes frei Dieser Beitrag wurde am 24.11.2006 um 23:33 Uhr von Sayf editiert.
|
|
|
||
25.11.2006, 00:17
Ehrenmitglied
Beiträge: 29434 |
#4
Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) Antivirus-Golden in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. in: "Enter search strings" (reinschreiben oder reinkopieren) Gold Codec in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. in: "Enter search strings" (reinschreiben oder reinkopieren) MalwareWiper in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. in: "Enter search strings" (reinschreiben oder reinkopieren) PestTrap in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. -------------------------------------------------------------------------------- LSPfix http://www.spychecker.com/program/lspfix.html - hake an: "I know what Im doing" -- Remove - und loesche die rlls.dll (eventuell musst du die dll von links nach rechts bringen) + Remove --------------- Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein Zitat registry keys to delete:Klicke die grüne Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten »» lösche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb «« scanne mit smitfraudfix - Option 1 und 2 ( lasse auch die Registry mitreinigen) http://virus-protect.org/artikel/tools/smitfrautfix.html --------------------- öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLLPC neustarten ** scanne, stelle alles auf remove und poste den scanreport http://virus-protect.org/counterspy.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
25.11.2006, 02:25
...neu hier
Themenstarter Beiträge: 6 |
#5
...also hier die weiteren Schritte (nochmals vielen Dank):
REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 25.11.2006 02:15:23 for strings: ; 'antivirus-golden' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Antivirus-Golden] ; End Of The Log... REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 25.11.2006 02:17:55 for strings: ; 'gold codec' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006] "UninstallString"="\"C:\\Programme\\Gold Codec\\iesuninst.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03] "UninstallString"="\"C:\\Programme\\Gold Codec\\pmuninst.exe\"" [HKEY_USERS\S-1-5-21-1275210071-1004336348-725345543-1004\Software\Internet Security] "Path"="C:\\Programme\\Gold Codec" ; End Of The Log... REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 25.11.2006 02:19:23 for strings: ; 'malwarewiper' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{96467F12-0518-4E85-AC6A-4858017F1400}\1.0\0\win32] @="C:\\Programme\\MalwareWiper\\MalwareWiper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{96467F12-0518-4E85-AC6A-4858017F1400}\1.0\HELPDIR] @="C:\\Programme\\MalwareWiper\\" [HKEY_USERS\S-1-5-21-1275210071-1004336348-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\MalwareWiper] ; End Of The Log... REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 25.11.2006 02:21:12 for strings: ; 'pesttrap' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_USERS\S-1-5-21-1275210071-1004336348-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PestTrap] ; End Of The Log... Mit LSPfix finde ich keine rlls.dll, ich konnte die also nicht löschen! Nach der Anwendung von Avenger und anschließendem Neustart bekomme ich diese Fehlermeldungen: RUNDLL Fehler beim Laden von c:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL (diese verschwindet allerdings nach ausführen von Smitfraudfix) und es erscheint die Meldung "Eingeschränkte oder keine Konnektivität der Netzwerkverbindung" (ich komme also nicht mehr ins Internet rein, ich habe eine W-Lan Verbindung) Hier der Scanreport von Counterspy: Spyware Scan Details Start Date: 25.11.2006 03:58:43 End Date: 25.11.2006 04:23:57 Total Time: 25 mins 14 secs Detected spyware MyWebSearch Toolbar Potentially Unwanted Software more information... Details: WebSearch Toolbar is a customizable Internet Explorer search toolbar with various other tools. Status: Deleted Infected files detected C:\Programme\MSN Messenger\riched20.dll Infected registry entries detected HKEY_CURRENT_USER\SOFTWARE\MyWebSearch\bar HKEY_CURRENT_USER\SOFTWARE\MyWebSearch\bar MenuExtLabel &Search HKEY_CURRENT_USER\SOFTWARE\MyWebSearch\bar DSS {6A1806CD-94D4-4689-BA73-E35EA1EA9990} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\ProgID FunWebProducts.IECookiesManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\VersionIndependentProgID FunWebProducts.IECookiesManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} IECookiesManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\ProgID FunWebProducts.PopSwatterSettingsControl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\VersionIndependentProgID FunWebProducts.PopSwatterSettingsControl HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} PopSwatter Settings Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\ProgID FunWebProducts.HistoryKillerScheduler.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\VersionIndependentProgID FunWebProducts.HistoryKillerScheduler HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HistoryKillerScheduler Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\ProgID FunWebProducts.HistorySwatterControlBar.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\VersionIndependentProgID FunWebProducts.HistorySwatterControlBar HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} HistorySwatterControlBar Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} PopSwatter Server Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1\CLSID {ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1 My Web Search for Outlook HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1\CLSID {07B18EAB-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1 MyWebSearch Settings Plugin HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\ProgID FunWebProducts.KillerObjManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\VersionIndependentProgID FunWebProducts.KillerObjManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} KillerObjManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\ProgID FunWebProducts.PopSwatterBarButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\VersionIndependentProgID FunWebProducts.PopSwatterBarButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} Bar Button Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\ProgID MyWebSearchToolBar.SettingsPlugin.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\VersionIndependentProgID MyWebSearchToolBar.SettingsPlugin HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} MyWebSearch Settings HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\ProgID ScreenSaverControl.ScreenSaverInstaller.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\TypeLib {29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\VersionIndependentProgID ScreenSaverControl.ScreenSaverInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} ScreenSaverInstaller Class HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin LoadBehavior 2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA3-A523-4961-B6BB-170DE4475CCA} mwsBar Installer2 HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance CLSID {4D5C8C2A-D075-11d0-B416-00C04FB90376} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag Url res://C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL/105 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches mwssrcas.dll 0 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches ypager.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msnmsgr.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icqlite.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icq.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches aim.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches waol.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches outlook.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msimn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches incmail.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Path C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 AppName MyWebSearch Email Plugin HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Toolbar 07B18EA9-A523-4961-B6BB-170DE4475CCA HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Outlook MyWebSearch.OutlookAddin {07B18EA9-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin LoadBehavior 3 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall Publisher My Web Search HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall DisplayName My Web Search (Smiley Central) HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar Visible 1 HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar sr 0 HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar CurInstall 1 HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar un My Web Search (Smiley Central) HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG\Promo Yahoo.2.old You just received a smiley! Go to @LINK@ to see it! HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG\Promo Yahoo.1.old Your buddy sent you a smiley! Go to @LINK@ to see it! HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\MWSOEPLG\Promo Yahoo.0.old You just received a smiley! Want to see it? Go to @LINK@ HKEY_CURRENT_USER\Software\MyWebSearch HKEY_CURRENT_USER\Software\MyWebSearch\bar MenuExtLabel &Search HKEY_CURRENT_USER\Software\MyWebSearch\bar DSS {6A1806CD-94D4-4689-BA73-E35EA1EA9990} HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32 C:\WINDOWS\system32\shdocvw.dll HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag Url res://C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL/105 HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance CLSID {4D5C8C2A-D075-11d0-B416-00C04FB90376} HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} My Web Search Quick View HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3DTACTL.DLL HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus\1 132497 HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\ProgID FunWebProducts.DataControl.1 HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\TypeLib {C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\VersionIndependentProgID FunWebProducts.DataControl HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} DataCtrl Class HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\M3HTML.DLL HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\ProgID MyWebSearch.HTMLPanel.1 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\TypeLib {3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\VersionIndependentProgID MyWebSearch.HTMLPanel HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} MyWebSearch HTML HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\ProgID MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\VersionIndependentProgID MyWebSearchToolBar.ToolbarPlugin HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\M3SKIN.DLL HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\ProgID MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\VersionIndependentProgID MyWebSearch.PseudoTransparentPlugin HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\M3SKIN.DLL HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} MyWebSearch Popup Menu Plugin HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179} HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17} HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179} HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32 C:\Programme\MyWebSearch\bar\1.bin\F3HTTPCT.DLL HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\TypeLib {0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} HttpControl Class HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} IMyWebSearchSettings HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib {07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} _IMyWebSearchSettingsEvents HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} ICookie HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{120927BF-1700-43BC-810F-FAB92549B390} IHistoryKiller HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib {C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} _IDataCtrlEvents HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib {C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{1F52A5FA-A705-4415-B975-88503B291728} IDataCtrl HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} IKillerObjManager HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib {29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} IScreenSaverInstaller HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib {29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} IMonitorEvents HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib {E47CAEE0-DEEA-464A-9326-3F2801535A4D} HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} IF3HTMLMenu HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} IIECookiesManager HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib {3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} IMyWebSearchHTMLPanel HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib {3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3E720453-B472-4954-B7AA-33069EB53906} _IMyWebSearchHTMLPanelEvents HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} IFunWebProductsPopSwatterSettings HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib {8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} _IFunWebProductsPopSwatterSettingsEvents HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib {F42228FB-E84E-479E-B922-FBBD096E792C} HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} IF3IMPlugin HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib {E47CAEE0-DEEA-464A-9326-3F2801535A4D} HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} IF3PopupMenu HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchSkinSettings HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchPseudoTransparent HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchPopupMenu HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib {7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchSkinWindow HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} IHistoryKillerScheduler HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{991AAC62-B100-47CE-8B75-253965244F69} ICookiesCollection HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} _IIECookiesManagerEvents HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} ILargeStringDisp HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib {F42228FB-E84E-479E-B922-FBBD096E792C} HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} IF3AIMContainer HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib {0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} IHttpControl HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib {0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} IHttpControlEvents HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib {8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} _IHistorySchedulerEvents HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel\CLSID {3E720452-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel\CurVer MyWebSearch.HTMLPanel.1 HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel MyWebSearch HTML Panel HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CLSID {7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CurVer MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1\CLSID {7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin\CLSID {53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin\CurVer MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1\CLSID {53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller\CLSID {9FF05104-B030-46FC-94B8-81276E4E27DF} HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller\CurVer ScreenSaverControl.ScreenSaverInstaller.1 HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller ScreenSaverInstaller Class HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1\CLSID {9FF05104-B030-46FC-94B8-81276E4E27DF} HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 ScreenSaverInstaller Class HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0 Toolbar 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3HTTPCT.DLL HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0 HttpControl 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3SCRCTR.DLL HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0 ScreenSaverControl 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\M3HTML.DLL HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0 HTML 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\M3SKIN.DLL HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0 Skin 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3HISTSW.DLL HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0 HistoryKiller 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3POPSWT.DLL HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0 PopSwatter Control 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3DTACTL.DLL HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin\ HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0 DataCtrl 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\F3HTMLMU.DLL HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0 F3HTMLMenu000 HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C} HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0\win32 C:\Programme\MyWebSearch\bar\1.bin\MWSOEPLG.DLL HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\HELPDIR C:\Programme\MyWebSearch\bar\1.bin HKEY_CLASSES_ROOT\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0 F3OEContainer000 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches incmail.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msimn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msn.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches outlook.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches waol.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches aim.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icq.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icqlite.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msmsgs.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msnmsgr.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches ypager.exe 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches au 0 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches mwsSrcAs.dll 0 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches ok 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches od 1 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches nk 0 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches nd 0 HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Toolbar 07B18EA9-A523-4961-B6BB-170DE4475CCA HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 AppName MyWebSearch Email Plugin HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Path C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Outlook MyWebSearch.OutlookAddin {07B18EA9-A523-4961-B6BB-170DE4475CCA} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin LoadBehavior 3 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin Description My Web Search Outlook Container HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin FriendlyName Fun Tools HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin LoadBehavior 2 NewDotNet Browser Plug-in more information... Details: New.Net is an Internet Explorer spyware/hijacker plug-in that adds subdomains of 'new.net' to your name resolution system (Windows’ Host file), resulting in what appear to be extra top-level domains (.shop, and so on) being resolvable. Status: Deleted Infected registry entries detected HKEY_CLASSES_ROOT\tldctl2.urllink.1 HKEY_CLASSES_ROOT\tldctl2.urllink.1\CLSID {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKEY_CLASSES_ROOT\tldctl2.urllink.1 URLLink HKEY_CLASSES_ROOT\tldctl2.urllink HKEY_CLASSES_ROOT\tldctl2.urllink\CLSID {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKEY_CLASSES_ROOT\tldctl2.urllink\CurVer Tldctl2.URLLink.1 HKEY_CLASSES_ROOT\tldctl2.urllink URLLink HKEY_LOCAL_MACHINE\software\classes\tldctl2.urllink\clsid HKEY_LOCAL_MACHINE\software\classes\tldctl2.urllink\clsid {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net DisplayName New.net Domains 7.22 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net UninstallString C:\WINDOWS\NDNUNI~1.EXE HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net DisplayIcon C:\WINDOWS\NDNUNI~1.EXE HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net DisplayVersion 7.22 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net Publisher New.net, Inc. HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net URLInfoAbout http://www.new.net/ HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net HelpLink http://www.new.net/help_faq.tp HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net URLUpdateInfo http://www.new.net/index.tp HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net VersionMajor 7 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net VersionMinor 22 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net URLUpdateInfo http://www.new.net/index.tp HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net HelpLink http://www.new.net/help_faq.tp HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net URLInfoAbout http://www.new.net/ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net Publisher New.net, Inc. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net DisplayIcon C:\WINDOWS\NDNUNI~1.EXE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net UninstallString C:\WINDOWS\NDNUNI~1.EXE HKEY_LOCAL_MACHINE\SOFTWARE\New.net Search 1 HKEY_LOCAL_MACHINE\SOFTWARE\New.net LSPStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\New.net Prt HKEY_LOCAL_MACHINE\SOFTWARE\New.net Source HKEY_LOCAL_MACHINE\SOFTWARE\New.net DiscardTag HKEY_LOCAL_MACHINE\software\new.net HKEY_LOCAL_MACHINE\software\new.net Activity 15335 HKEY_LOCAL_MACHINE\software\new.net InstalledVersion 458774 HKEY_LOCAL_MACHINE\software\new.net InstalledPath C:\Programme\NewDotNet\newdotnet7_22.dll HKEY_LOCAL_MACHINE\software\new.net Tag id=d20a000654aa47948ceccbdb987c0241 HKEY_LOCAL_MACHINE\software\new.net DiscardTag HKEY_LOCAL_MACHINE\software\new.net FirstTime HKEY_LOCAL_MACHINE\software\new.net Source SHNT288 HKEY_LOCAL_MACHINE\software\new.net Prt NN100 HKEY_LOCAL_MACHINE\software\new.net LSPStatus 0 HKEY_LOCAL_MACHINE\software\new.net NextUpgradeHi 29823592 HKEY_LOCAL_MACHINE\software\new.net NextUpgradeLo -1700620778 HKEY_LOCAL_MACHINE\software\new.net UpgradeCounter 2 HKEY_LOCAL_MACHINE\software\new.net Search 1 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net DisplayName New.net Domains 7.22 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net UninstallString C:\WINDOWS\NDNUNI~1.EXE HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net DisplayIcon C:\WINDOWS\NDNUNI~1.EXE HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net DisplayVersion 7.22 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net Publisher New.net, Inc. HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net URLInfoAbout http://www.new.net/ HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net HelpLink http://www.new.net/help_faq.tp HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net URLUpdateInfo http://www.new.net/index.tp HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net VersionMajor 7 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\new.net VersionMinor 22 HKEY_LOCAL_MACHINE\software\new.net Activity 15335 HKEY_LOCAL_MACHINE\software\new.net InstalledVersion 458774 HKEY_LOCAL_MACHINE\software\new.net InstalledPath C:\Programme\NewDotNet\newdotnet7_22.dll HKEY_LOCAL_MACHINE\software\new.net Tag id=d20a000654aa47948ceccbdb987c0241 HKEY_LOCAL_MACHINE\software\new.net DiscardTag HKEY_LOCAL_MACHINE\software\new.net FirstTime HKEY_LOCAL_MACHINE\software\new.net Source SHNT288 HKEY_LOCAL_MACHINE\software\new.net Prt NN100 HKEY_LOCAL_MACHINE\software\new.net LSPStatus 0 HKEY_LOCAL_MACHINE\software\new.net NextUpgradeHi 29823592 HKEY_LOCAL_MACHINE\software\new.net NextUpgradeLo -1700620778 HKEY_LOCAL_MACHINE\software\new.net UpgradeCounter 2 HKEY_LOCAL_MACHINE\software\new.net Search 1 HKEY_LOCAL_MACHINE\SOFTWARE\New.net Tag FunWebProducts Adware Bundler more information... Details: Fun Web Products bundles adware software in its products. Status: Deleted Infected registry entries detected HKEY_CURRENT_USER\SOFTWARE\Fun Web Products\ScreenSaver HKEY_CURRENT_USER\SOFTWARE\Fun Web Products\ScreenSaver ImagesFile 01AD1788.urr HKEY_CURRENT_USER\SOFTWARE\Fun Web Products HKEY_CURRENT_USER\SOFTWARE\Fun Web Products\ScreenSaver ImagesFile 01AD1788.urr HKEY_CURRENT_USER\SOFTWARE\FunWebProducts HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings\MSNMessenger SessionCount 77 HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings\MSNMessenger SessionTimestamp 7237328 HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings UID C89C2169-D3A5-4946-B681-F1565E591BB9 HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings BinParam234 HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings BinParam105 HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings BinParam101 HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings BinParam108 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton\CLSID {8E6F1832-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton\CurVer FunWebProducts.PopSwatterBarButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton Bar Button Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1\CLSID {8E6F1832-9607-4440-8530-13BE7C4B1D14} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1 Bar Button Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler\CLSID {C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler\CurVer FunWebProducts.HistoryKillerScheduler.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler HistoryKillerScheduler Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1\CLSID {C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1 HistoryKillerScheduler Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1\CLSID {98D9753D-D73B-42D5-8C85-4469CDA897AB} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1 Fun Web Products HTML Menu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl\CLSID {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl\CurVer FunWebProducts.PopSwatterSettingsControl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl PopSwatter Settings Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1\CLSID {0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1 IECookiesManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager\CLSID {0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager\CurVer FunWebProducts.IECookiesManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.IECookiesManager IECookiesManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager\CLSID {B813095C-81C0-4E40-AA14-67520372B987} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager\CurVer FunWebProducts.KillerObjManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager KillerObjManager Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1\CLSID {CFF4CE82-3AA2-451F-9B77-7165605FB835} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1 HistorySwatterControlBar Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1\CLSID {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1 PopSwatter Settings Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar\CLSID {CFF4CE82-3AA2-451F-9B77-7165605FB835} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar\CurVer FunWebProducts.HistorySwatterControlBar.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar HistorySwatterControlBar Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu\CLSID {3DC201FB-E9C9-499C-A11F-23C360D7C3F8} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu\CurVer FunWebProducts.HTMLMenu.2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu Fun Web Products HTML Menu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2\CLSID {3DC201FB-E9C9-499C-A11F-23C360D7C3F8} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2 Fun Web Products HTML Menu HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1\CLSID {B813095C-81C0-4E40-AA14-67520372B987} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\FunWebProducts.KillerObjManager. Dieser Beitrag wurde am 25.11.2006 um 05:08 Uhr von Sayf editiert.
|
|
|
||
25.11.2006, 15:37
Ehrenmitglied
Beiträge: 29434 |
#6
ja, das ist schief gelaufen denn ich hatte angwiesen
Zitat LSPfixnun ist der winsock zerstoert.... klicke auf das backup vom avenger unter c:\Avernger\backup.zip , starte den rechner neu. dann sind zwar alle viren wieder auf dem rechner, und auch die newdotnet7_22.dll dann wende LSPfix an, loesche die newdotnet7_22.dll mit dem proggie, dann wende den avenger erneut an und auch noch mal Counterspy und berichte __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
25.11.2006, 17:50
...neu hier
Themenstarter Beiträge: 6 |
#7
so! ich habe die letzten Schritte durchgeführt:
Internetverbindung steht wieder Counterspy has NOT detected any spyware on your computer. Scheint als ob das Problem gelöst wurde! ( sollte ich dann trotzdem den Computer formatieren?) Danke Sabina! [/img] |
|
|
||
25.11.2006, 17:56
Ehrenmitglied
Beiträge: 29434 |
#8
nein, nicht formatieren
poste bitte das neue log vom combofix und die 6 logs von datfindbat __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
25.11.2006, 18:59
...neu hier
Themenstarter Beiträge: 6 |
#9
log vom combofix und die von datfindbat (Danke):
walid - 06-11-25 18:00:37,32 Service Pack 2 ComboFix 06.11.22 - Running from: "C:\Dokumente und Einstellungen\walid\Desktop" ((((((((((((((((((((((((((((((( Files Created from 2006-10-25 to 2006-11-25 )))))))))))))))))))))))))))))))))) 2006-11-25 16:37 <DIR> d-------- C:\avenger 2006-11-25 03:56 <DIR> d-------- C:\Programme\Sunbelt Software 2006-11-25 03:16 53,248 --a------ C:\WINDOWS\system32\Process.exe 2006-11-25 03:16 40,960 --a------ C:\WINDOWS\system32\swsc.exe 2006-11-25 03:16 4,440 --a------ C:\WINDOWS\system32\tmp.reg 2006-11-25 03:16 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2006-11-25 03:16 135,168 --a------ C:\WINDOWS\system32\swreg.exe 2006-11-24 21:13 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe 2006-11-24 19:22 <DIR> d-------- C:\Programme\CleanUp! 2006-11-24 09:08 <DIR> d-------- C:\Programme\Gemeinsame Dateien\iS3 2006-11-24 02:22 <DIR> d-------- C:\Programme\SPYWAREfighter 2006-11-24 02:18 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Google 2006-11-24 02:17 <DIR> d-------- C:\Programme\Spyware Doctor 2006-11-24 02:17 <DIR> d-------- C:\Programme\Google 2006-11-24 02:17 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google 2006-11-24 01:45 <DIR> d-------- C:\Program Files 2006-11-22 03:25 315,392 --a------ C:\WINDOWS\system32\rlls.dll 2006-11-19 13:27 178,408 --a------ C:\WINDOWS\system32\muweb.dll 2006-11-19 13:27 128,232 --a------ C:\WINDOWS\system32\mucltui.dll 2006-11-18 15:05 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Live Toolbar 2006-11-18 15:04 <DIR> d-------- C:\Programme\Windows Live Toolbar 2006-11-18 15:03 <DIR> d-------- C:\Programme\MSN Messenger 2006-11-16 00:06 <DIR> d-------- C:\WINDOWS\SxsCaPendDel 2006-11-14 20:08 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2006-11-13 22:28 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\MSNInstaller 2006-11-12 03:00 <DIR> d-------- C:\Programme\WinRAR 2006-11-12 01:38 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Contacts 2006-11-11 05:46 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Nokia Multimedia Player 2006-11-10 14:55 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Nokia 2006-11-10 14:55 <DIR> d-------- C:\Programme\DIFX 2006-11-10 14:54 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite 2006-11-08 21:49 <DIR> d-------- C:\WINDOWS\WBEM 2006-11-08 21:49 <DIR> d-------- C:\WINDOWS\system32\de-de 2006-11-08 21:46 <DIR> d--h-c--- C:\WINDOWS\ie7 2006-11-08 21:44 121,856 --------- C:\WINDOWS\system32\xmllite.dll 2006-11-08 21:43 <DIR> d-------- C:\WINDOWS\network diagnostic 2006-11-08 21:39 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage 2006-11-08 20:57 <DIR> d-------- C:\Programme\SymNetDrv 2006-11-06 00:51 <DIR> d-------- C:\Dokumente und Einstellungen\walid\runtime-EclipseApplication 2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll 2006-10-31 23:55 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\CyberLink 2006-10-29 20:43 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Phone Browser 2006-10-29 20:43 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Nokia 2006-10-29 20:43 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\DataLayer 2006-10-29 20:35 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2006-10-29 20:35 <DIR> d-------- C:\Programme\Nokia 2006-10-29 20:35 <DIR> d-------- C:\Programme\Gemeinsame Dateien\PCSuite 2006-10-29 20:35 <DIR> d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\PC Suite 2006-10-29 20:34 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations 2006-10-27 15:09 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll 2006-10-27 15:09 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll 2006-10-27 15:09 458,752 --------- C:\WINDOWS\system32\msfeeds.dll 2006-10-27 15:09 180,736 --------- C:\WINDOWS\system32\ieui.dll 2006-10-27 02:44 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-11-25 16:36 -------- d-------- C:\Programme\Gemeinsame Dateien 2006-11-24 21:11 869 --a------ C:\Dokumente und Einstellungen\walid\Anwendungsdaten\AdobeDLM.log 2006-11-24 21:11 0 --a------ C:\Dokumente und Einstellungen\walid\Anwendungsdaten\dm.ini 2006-11-24 21:11 -------- d-------- C:\Programme\Adobe 2006-11-24 21:03 -------- d-------- C:\Programme\Gemeinsame Dateien\Adobe 2006-11-24 00:43 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Skype 2006-11-23 23:12 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\AdobeUM 2006-11-22 17:26 -------- d---s---- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Microsoft 2006-11-22 03:26 -------- d-------- C:\Programme\Internet Explorer 2006-11-19 17:47 -------- d-------- C:\Programme\Gemeinsame Dateien\Symantec Shared 2006-11-18 15:00 -------- d-------- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2006-11-13 22:28 -------- d-------- C:\Programme\MSN 2006-11-08 20:59 -------- d-------- C:\Programme\Norton AntiVirus 2006-11-08 20:58 -------- d-------- C:\Programme\Symantec 2006-10-27 15:09 413696 --a------ C:\WINDOWS\system32\vbscript.dll 2006-10-27 15:09 231424 --a------ C:\WINDOWS\system32\webcheck.dll 2006-10-27 15:09 156160 --a------ C:\WINDOWS\system32\msls31.dll 2006-10-27 02:44 71680 --a------ C:\WINDOWS\system32\admparse.dll 2006-10-27 02:44 55296 --a------ C:\WINDOWS\system32\iesetup.dll 2006-10-27 02:44 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe 2006-10-27 02:44 43008 --a------ C:\WINDOWS\system32\iernonce.dll 2006-10-27 02:44 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll 2006-10-27 02:44 229376 --a------ C:\WINDOWS\system32\ieaksie.dll 2006-10-27 02:44 152064 --a------ C:\WINDOWS\system32\ieakeng.dll 2006-10-27 02:44 123904 --a------ C:\WINDOWS\system32\advpack.dll 2006-10-27 02:42 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2006-10-24 10:17 48424 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-10-17 13:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll 2006-10-17 13:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll 2006-10-17 13:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe 2006-10-17 13:05 105984 --a------ C:\WINDOWS\system32\url.dll 2006-10-17 13:04 101376 --a------ C:\WINDOWS\system32\occache.dll 2006-10-17 13:03 17408 --a------ C:\WINDOWS\system32\corpol.dll 2006-10-17 12:58 61952 --------- C:\WINDOWS\system32\icardie.dll 2006-10-17 12:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe 2006-10-17 12:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll 2006-10-17 12:57 266752 --------- C:\WINDOWS\system32\iertutil.dll 2006-10-17 12:56 45568 --a------ C:\WINDOWS\system32\mshta.exe 2006-10-17 12:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll 2006-10-17 12:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll 2006-10-14 23:56 -------- d-------- C:\Programme\Windows Media Player 2006-10-14 23:56 -------- d-------- C:\Programme\Messenger 2006-10-14 23:52 -------- d-------- C:\Programme\Outlook Express 2006-10-14 23:52 -------- d-------- C:\Programme\Gemeinsame Dateien\System 2006-10-14 22:52 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Macromedia 2006-10-14 19:53 -------- d-------- C:\Programme\Microsoft.NET 2006-10-14 19:51 -------- d-------- C:\Programme\Microsoft Office 2006-10-14 19:51 -------- d-------- C:\Programme\Gemeinsame Dateien\DESIGNER 2006-10-13 13:35 146432 --a------ C:\WINDOWS\system32\nwprovau.dll 2006-10-12 19:24 -------- d-------- C:\Programme\Canon 2006-10-08 20:34 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Adobe 2006-10-08 14:22 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Real 2006-10-08 14:21 -------- d-------- C:\Programme\Gemeinsame Dateien\xing shared 2006-10-08 14:21 -------- d-------- C:\Programme\Gemeinsame Dateien\Real 2006-10-08 14:20 -------- d-------- C:\Programme\Real 2006-10-08 10:56 -------- d-------- C:\Programme\Skype 2006-10-08 00:53 -------- d-------- C:\Programme\Hewlett-Packard 2006-10-07 23:24 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Symantec 2006-10-07 23:22 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Samsung Electronics 2006-10-07 23:22 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Help 2006-10-07 23:19 -------- d--h----- C:\Programme\InstallShield Installation Information 2006-10-07 23:19 -------- d-------- C:\Programme\Samsung 2006-10-07 23:14 -------- d-------- C:\Programme\CyberLink 2006-10-07 23:13 -------- d-------- C:\Programme\Ahead 2006-10-07 23:12 -------- d-------- C:\Programme\Gemeinsame Dateien\Ahead 2006-10-07 23:08 -------- d-------- C:\Programme\PIC 2006-10-07 23:07 -------- d-------- C:\Programme\MSXML 4.0 2006-10-07 23:06 -------- d-------- C:\Programme\Gemeinsame Dateien\InstallShield 2006-10-07 23:05 -------- d-------- C:\Programme\Synaptics 2006-10-07 23:05 -------- d-------- C:\Programme\SRS Labs 2006-10-07 23:05 -------- d-------- C:\Programme\ltmoh 2006-10-07 23:04 -------- d-------- C:\Programme\Analog Devices 2006-10-07 23:03 -------- d-------- C:\Programme\Intel 2006-10-07 23:02 -------- d-------- C:\Programme\ATI Technologies 2006-10-07 20:34 -------- d-------- C:\Programme\MATLAB 2006-10-07 20:17 -------- d--h----- C:\Programme\Uninstall Information 2006-10-07 20:17 -------- d-------- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\Identities 2006-10-07 20:15 -------- d-------- C:\Programme\Java 2006-10-07 20:15 -------- d-------- C:\Programme\Gemeinsame Dateien\Java 2006-10-07 20:09 62 --ahs---- C:\Dokumente und Einstellungen\walid\Anwendungsdaten\desktop.ini 2006-10-07 20:09 -------- d-------- C:\Programme\Gemeinsame Dateien\SpeechEngines 2006-10-07 20:09 -------- d-------- C:\Programme\Gemeinsame Dateien\ODBC 2006-10-07 20:05 -------- d-------- C:\Programme\xerox 2006-10-07 20:05 -------- d-------- C:\Programme\microsoft frontpage 2006-10-07 20:04 0 -rahs---- C:\MSDOS.SYS 2006-10-07 20:04 0 -rahs---- C:\IO.SYS 2006-10-07 20:04 0 --a------ C:\CONFIG.SYS 2006-10-07 20:04 0 --a------ C:\AUTOEXEC.BAT 2006-10-07 20:03 -------- d--h----- C:\Programme\WindowsUpdate 2006-10-07 20:03 -------- d-------- C:\Programme\Online-Dienste 2006-10-07 20:02 -------- d-------- C:\Programme\NetMeeting 2006-10-07 20:02 -------- d-------- C:\Programme\Movie Maker 2006-10-07 20:02 -------- d-------- C:\Programme\Gemeinsame Dateien\MSSoap 2006-10-07 20:02 -------- d-------- C:\Programme\Gemeinsame Dateien\Dienste 2006-10-07 20:01 -------- d-------- C:\Programme\ComPlus Applications 2006-10-07 20:00 -------- d-------- C:\Programme\Windows NT 2006-10-07 20:00 -------- d-------- C:\Programme\Online Services 2006-10-07 20:00 -------- d-------- C:\Programme\MSN Gaming Zone 2006-09-15 22:52 91904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2006-09-13 06:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll 2006-09-06 17:42 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2006-08-25 16:46 617472 --a------ C:\WINDOWS\system32\comctl32.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MsnMsgr"="~\"C:\\Programme\\MSN Messenger\\MsnMsgr.Exe\" /background" "SweetIM"="C:\\Programme\\Macrogaming\\SweetIM\\SweetIM.exe" "swg"="C:\\Programme\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="C:\\Programme\\Java\\jre1.5.0\\bin\\jusched.exe" "ATIPTA"="\"C:\\Programme\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\"" "SoundMAXPnP"="C:\\Programme\\Analog Devices\\SoundMAX\\SMax4PNP.exe" "SoundMAX"="C:\\Programme\\Analog Devices\\SoundMAX\\Smax4.exe /tray" "SynTPLpr"="C:\\Programme\\Synaptics\\SynTP\\SynTPLpr.exe" "SynTPEnh"="C:\\Programme\\Synaptics\\SynTP\\SynTPEnh.exe" "AGRSMMSG"="AGRSMMSG.exe" "LtMoh"="C:\\Programme\\ltmoh\\Ltmoh.exe" "MagicKeyboard"="C:\\Programme\\SAMSUNG\\MagicKBD\\PreMKBD.exe" "AVStation premium"="\"C:\\Programme\\Samsung\\AVStation premium\\bin\\AVStation agent.exe\"" "BatteryManager"="C:\\Programme\\Samsung\\Samsung Battery Manager\\BatteryManager.exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "RemoteControl"="C:\\Programme\\CyberLink\\PowerDVD\\PDVDServ.exe" "ccApp"="\"C:\\Programme\\Gemeinsame Dateien\\Symantec Shared\\ccApp.exe\"" "SamsungPIC"="C:\\Programme\\Samsung\\Samsung Command Center\\PIC_UI.exe" "TkBellExe"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot" "Easy-PrintToolBox"="C:\\Programme\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon" "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer" "PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup" "SunServer"="C:\\Programme\\Sunbelt Software\\CounterSpy\\Consumer\\sunserver.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{076394AD-7FDD-44EF-A075-32C68DBAB99B}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Norton AntiVirus - Meinen Computer prfen - walid.job Completion time: 06-11-25 18:01:14.54 C:\ComboFix.txt ... 06-11-25 18:01 C:\ComboFix2.txt ... 06-11-24 23:03 C:\ComboFix3.txt ... 06-11-24 23:00 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Hier die logs von datfindbat: 1.Log Verzeichnis von C:\WINDOWS\system32\ 2.Log Verzeichnis von C:\DOKUME~1\Username\LOKALE~1\Temp\ 3.Log Verzeichnis von C:\WINDOWS\ 4.Log Verzeichnis von C:\WINDOWS\temp\ 5.Log Verzeichnis von C:\WINDOWS\Downloaded Program Files 6.Log Verzeichnis von C:\ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 21.08.2006 10:14 23.040 fltmc.exe Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\WINDOWS\system32 25.11.2006 16:36 1.543 walid_KBD.ini 25.11.2006 03:30 4.440 tmp.reg 25.11.2006 03:30 0 tmp.txt 24.11.2006 09:57 3.500 ikhcore.log 22.11.2006 03:25 1.429.504 rk.bin 22.11.2006 03:25 315.392 rlls.dll 16.11.2006 06:20 10.474.920 MRT.exe 08.11.2006 21:45 2.206 wpa.dbl 08.11.2006 20:35 314.842 perfh009.dat 08.11.2006 20:35 41.170 perfc009.dat 08.11.2006 20:35 320.668 perfh007.dat 08.11.2006 20:35 49.570 perfc007.dat 08.11.2006 20:35 726.560 PerfStringBackup.INI 04.11.2006 14:14 1.245.696 msxml4.dll 27.10.2006 17:12 1.040.384 ieframe.dll.mui Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\DOKUME~1\walid\LOKALE~1\Temp 25.11.2006 16:37 0 JET7B93.tmp 25.11.2006 16:37 176 PICLog.log 25.11.2006 16:37 0 JET7375.tmp 25.11.2006 16:36 49.152 ~DFEB02.tmp 25.11.2006 16:36 32.768 ~DF195F.tmp 25.11.2006 16:36 16.384 ~DFE492.tmp 6 Datei(en) 98.480 Bytes 0 Verzeichnis(se), 35.136.167.936 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\WINDOWS 25.11.2006 18:12 159 wiadebug.log 25.11.2006 18:12 50 wiaservc.log 25.11.2006 16:44 1.305.346 WindowsUpdate.log 25.11.2006 16:36 0 0.log 25.11.2006 16:36 2.048 bootstat.dat 25.11.2006 16:34 32.700 SchedLgU.Txt 25.11.2006 03:51 608.314 setupapi.log 25.11.2006 03:32 181.784 setupact.log 25.11.2006 03:29 266.378 ntbtlog.txt 25.11.2006 02:11 116 NeroDigital.ini 23.11.2006 01:00 37.184 DPINST.LOG Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\WINDOWS\Temp Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\WINDOWS\Downloaded Program Files 09.11.2006 14:36 5.019 swflash.inf 07.10.2006 20:03 65 desktop.ini 2 Datei(en) 5.084 Bytes 0 Verzeichnis(se), 35.136.143.360 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 142A-EDEF Verzeichnis von C:\ 25.11.2006 18:28 0 sys.txt 25.11.2006 18:26 345 down.txt 25.11.2006 18:26 117 tmp.txt 25.11.2006 18:25 8.694 system.txt 25.11.2006 18:24 536 systemtemp.txt 25.11.2006 18:23 95.961 system32.txt 25.11.2006 18:01 16.212 ComboFix.txt 25.11.2006 16:36 17.584 avenger.txt 25.11.2006 16:36 1.610.612.736 pagefile.sys 25.11.2006 03:30 879 rapport.txt 24.11.2006 23:20 10.928 files.txt 24.11.2006 23:03 17.628 ComboFix2.txt 24.11.2006 23:00 17.591 ComboFix3.txt 07.10.2006 23:06 86 setup.log 07.10.2006 20:04 0 CONFIG.SYS 07.10.2006 20:04 0 IO.SYS 07.10.2006 20:04 0 MSDOS.SYS 07.10.2006 20:04 0 AUTOEXEC.BAT 07.10.2006 19:46 211 boot.ini 04.08.2004 13:00 4.952 bootfont.bin 04.08.2004 13:00 47.564 NTDETECT.COM 04.08.2004 13:00 251.184 ntldr 22 Datei(en) 1.611.103.208 Bytes 0 Verzeichnis(se), 35.136.139.264 Bytes frei |
|
|
||
25.11.2006, 19:50
Ehrenmitglied
Beiträge: 29434 |
#10
normalerweise ist diese dll auch im winsock, da du aber schreibst: nein, loesche sie mit dem avenger.
wenn dann das Internet wieder mal hops gehen sollte, weiss du ja, was zu tun ist Avenger Zitat Files to delete:dann sollte wieder alles o.k. sein __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
25.11.2006, 20:15
...neu hier
Themenstarter Beiträge: 6 |
#11
Hallo Sabina,
habe also avenger durchgeführt (war mir aber nicht sicher ob ich nur dein letztes zitat in das avenger feld einfügen sollte, oder wie beim ersten Mal wo ich avenger benutzen sollte: registry keys to delete: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{192c5b4a-3efd-40c7-9f99-c472deb8efc0} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ae18da4e-be15-4925-81bb-890c04af0200} .... + dein letztes Zitat.) Jedenfalls schien es mir irrgendwie logischer nur Files to delete: C:\WINDOWS\system32\rlls.dll C:\WINDOWS\system32\rk.bin zu kopieren. Nach dem reboot: Internet OK habe keinen avenger log bekommen (ich habe C:\avenger\backup.zip Sicherheitshalber noch nicht gelöscht) Kann ich davon ausgehen dass jetzt alles OK ist? Danke. Sayf |
|
|
||
26.11.2006, 10:08
Ehrenmitglied
Beiträge: 29434 |
#12
wenn
C:\WINDOWS\system32\rlls.dll C:\WINDOWS\system32\rk.bin rausgeloescht sind (kannst du selbst mit der datfindbat ueberpruefen) - sollte wieder alles i.o. sein ______ das obere avengescript hatte sich auf Grund der Systemwiederherstellung auf einen Tag, bevor du diesen ganzen Muell geladen hast - erledigt) das ist alles im 2.Log von Combofix nicht mehr vohanden (ausser der rlls.dll ) 2006-11-24 02:13 <DIR> d-------- C:\Programme\MalwareWiper 2006-11-24 02:01 <DIR> d-------- C:\Programme\Antivirus-Golden 2006-11-24 00:33 77,824 --a------ C:\WINDOWS\system32\dcvwaah.dll 2006-11-24 00:33 <DIR> d-------- C:\Programme\Virus-Bursters 2006-11-24 00:32 <DIR> d-------- C:\Programme\Gold Codec 2006-11-22 17:26 <DIR> d-------- C:\Programme\Macrogaming 2006-11-22 03:26 28,672 --a------ C:\WINDOWS\system32\f3PSSavr.scr 2006-11-22 03:26 <DIR> d-------- C:\Programme\MyWebSearch 2006-11-22 03:25 315,392 --a------ C:\WINDOWS\system32\rlls.dll 2006-11-22 03:25 <DIR> d-------- C:\Programme\FunWebProducts 2006-11-22 03:23 183,296 --a-s---- C:\WINDOWS\NDNuninstall7_22.exe 2006-11-22 03:22 1,429,504 --a------ C:\WINDOWS\system32\rlvknlg.exe 2006-11-22 03:21 8,464 --a------ C:\WINDOWS\system32\sporder.dll 2006-11-22 03:21 <DIR> d-a-s---- C:\Programme\NewDotNet __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
Kann mir bitte Jemand helfen? Ich habe durch das Internet wahrscheinlich ein Virus eingefangen dass mir am Anfang pausenlos Browser-Fenster neu angezeigt hat (die ich doch noch schließen konnte) und seitdem, ständig eine Systemgefährdungsmeldung in der Taskleiste anzeigt. Northon Antivirus meldet 9 möglische Risiko Quellen, löscht diese aber nicht. Hier die Pfade und anschließend die Logfile (hoffe das reicht vorerst, danke):
c:\WIN\System32\dcwaah.dll Ad.Spysheriff
c:\windows\NDNuninstall7 22.exe Ad.NDotNet
c:\Programme\NewDotNet\newdotnet7 22.exe Ad.NDotNet
c:\WIN\Syst32\rk.bin Spyware.Marketscore
c:\WIN\Syst32\rlls.dll Spyware.Marketscore
c:\WIN\Syst32\rlvknlg.exe Spyware.Marketscore
c:\Dokumente und Einstellunegn\walid\Lokale Einstellungen\Temp\SHNT288.exe Ad. NDotNet
c:\Program Files\PestTrap\uninstall.exe Ad.NDotNet
c:\Progam Files\NewDotNet\uninstall7.exe Ad.NDotNet
Logfile of HijackThis v1.99.1
Scan saved at 19:31:37, on 24.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.5.0\bin\jusched.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\ltmoh\Ltmoh.exe
C:\Programme\Samsung\AVStation premium\bin\AVStation agent.exe
C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Samsung\Samsung Command Center\PIC_UI.exe
C:\PROGRA~1\Samsung\SA8644~1\SAMSUN~1.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programme\SAMSUNG\MagicKBD\MagicKBD.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Programme\Macrogaming\SweetIM\SweetIM.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Messenger\msmsgs.exe
C:\DOKUME~1\walid\LOKALE~1\Temp\Rar$EX00.953\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programme\NewDotNet\newdotnet7_22.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programme\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programme\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [AVStation premium] "C:\Programme\Samsung\AVStation premium\bin\AVStation agent.exe"
O4 - HKLM\..\Run: [BatteryManager] C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SamsungPIC] C:\Programme\Samsung\Samsung Command Center\PIC_UI.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk789YYDE
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\Programme\MATLAB\R2006a\webserver\bin\win32\matlabserver.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe