Icq + IE schmieren sofort nach Start ab!Thema ist geschlossen! |
||
---|---|---|
Thema ist geschlossen! |
||
#0
| ||
09.09.2006, 15:35
Member
Beiträge: 37 |
||
|
||
09.09.2006, 16:23
Ehrenmitglied
Beiträge: 29434 |
#2
1.
Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein: Zitat registry keys to delete:Klicke die gruene Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten 2. poste das log vom avenger, was erscheint 3. öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =PC neustarten 4. CleanUp anwenden http://virus-protect.org/cleanup.html 5. scanne mit Counterspy, stelle alles auf remove http://virus-protect.org/counterspy.html und poste den scanreport __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
09.09.2006, 16:57
Member
Themenstarter Beiträge: 37 |
#3
1. Avenger log
////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Syntax error in line --- does not appear to be a valid registry path. Line will be ignored. Error code: 0 Line: HKEY_CURRENT_USER\SOFTWARE\zango ////////////////////////////////////////// Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\evbtpiff ******************* Script file located at: \??\C:\Program Files\nbvxhkus.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: File C:\WINDOWS\Downloaded Program Files\ClientAX.dll deleted successfully. File C:\WINDOWS\Downloaded Program Files\SAIX.dll not found! Deletion of file C:\WINDOWS\Downloaded Program Files\SAIX.dll failed! Could not process line: C:\WINDOWS\Downloaded Program Files\SAIX.dll Status: 0xc0000034 Folder C:\Programme\Zango deleted successfully. Folder C:\Program Files\Zango Programs not found! Deletion of folder C:\Program Files\Zango Programs failed! Could not process line: C:\Program Files\Zango Programs Status: 0xc0000034 Folder C:\Programme\MyGlobalSearch deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\zango deleted successfully. Completed script processing. ******************* Finished! Terminate. |
|
|
||
09.09.2006, 16:58
Ehrenmitglied
Beiträge: 29434 |
#4
4.
CleanUp anwenden http://virus-protect.org/cleanup.html 5. scanne mit Counterspy, stelle alles auf remove http://virus-protect.org/counterspy.html und poste den scanreport __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
09.09.2006, 17:45
Member
Themenstarter Beiträge: 37 |
#5
Um nach dem CS Scan den Take Action Button betätigen zu können muss ich nen Reg Key haben.
Liegt wohl daran das ich Counterspy schon mal vor einiger Zeit benutzt hatte als ich nen Prob hatte und das hier im Forum gepostet hab. |
|
|
||
09.09.2006, 17:52
Ehrenmitglied
Beiträge: 29434 |
#6
dann poste nur den report, ich sehe, was ich machen kann
__________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
09.09.2006, 19:13
Member
Themenstarter Beiträge: 37 |
#7
Spyware Scan Details
Start Date: 09.09.2006 17:07:08 End Date: 09.09.2006 17:40:14 Total Time: 33 mins 6 secs Detected spyware WildTangent Low Risk Adware more information... Details: WildTangent is an online gaming plugin bundle from Wildtangent.com similar to Macromedia’s flash. WildTangent uses a built in required feature that is used to provide adware based advertising to the user. Status: Ignored Infected files detected c:\windows\wt\wtvh.dll c:\windows\wt\wtwmplug.dll Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT.1\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT.1 WT Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT\CurVer WT3D.WT.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT WT Class HKEY_CLASSES_ROOT\clsid\{8ecf83a0-1ac9-11d4-8501-00a0cc5d1f63} HKEY_CLASSES_ROOT\clsid\{8ecf83a0-1ac9-11d4-8501-00a0cc5d1f63}\InprocServer32 C:\WINDOWS\wt\wtwmplug.dll HKEY_CLASSES_ROOT\clsid\{8ecf83a0-1ac9-11d4-8501-00a0cc5d1f63}\InprocServer32 ThreadingModel Both HKEY_CLASSES_ROOT\clsid\{8ecf83a0-1ac9-11d4-8501-00a0cc5d1f63} WMplug Property Page HKEY_CLASSES_ROOT\clsid\{ecfbe6e0-1ac8-11d4-8501-00a0cc5d1f63} HKEY_CLASSES_ROOT\clsid\{ecfbe6e0-1ac8-11d4-8501-00a0cc5d1f63}\InprocServer32 C:\WINDOWS\wt\wtwmplug.dll HKEY_CLASSES_ROOT\clsid\{ecfbe6e0-1ac8-11d4-8501-00a0cc5d1f63}\InprocServer32 ThreadingModel Both HKEY_CLASSES_ROOT\clsid\{ecfbe6e0-1ac8-11d4-8501-00a0cc5d1f63} WMplug HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\InprocServer32 C:\WINDOWS\wt\webdriver.dll HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\MiscStatus 0 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\ProgID WT3D.WT.1 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\ToolboxBitmap32 C:\WINDOWS\wt\webdriver.dll, 101 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\VersionIndependentProgID WT3D.WT HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3} WT Class HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000} IWTDrop HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000} IWTVector3D HKEY_CLASSES_ROOT\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b} HKEY_CLASSES_ROOT\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{1113c0b6-5300-4d5d-b2d7-35c14b28341b} IWTActor HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44} IWTVisualizer HKEY_CLASSES_ROOT\interface\{16410859-886f-4579-bc1f-330a139d0f0f} HKEY_CLASSES_ROOT\interface\{16410859-886f-4579-bc1f-330a139d0f0f}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{16410859-886f-4579-bc1f-330a139d0f0f}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{16410859-886f-4579-bc1f-330a139d0f0f}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{16410859-886f-4579-bc1f-330a139d0f0f}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{16410859-886f-4579-bc1f-330a139d0f0f} IWTOnLoadEvent HKEY_CLASSES_ROOT\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08} HKEY_CLASSES_ROOT\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{35ed7dfb-a8ed-4216-a4bb-bc08c326ef08} IWTCollisionInfo HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64} IWTCamera HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000} IWTBitmap HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa} IWTFile HKEY_CLASSES_ROOT\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7} HKEY_CLASSES_ROOT\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{aa0c96f9-a994-42d7-9543-842cf85e1ba7} IWTJoystick HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3} IWT HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3} _IWTEvents HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000} IWTOrientation3D HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30} IWTSysInfo HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000} IWTLight HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3} IWTObject HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3} IWTModel HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3} IWTContainer HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3} IWTStage HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3} IWTGroup HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3} IWTEvent HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3} IWTAudioClip HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\0\win32 C:\WINDOWS\wt\webdriver.dll HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\HELPDIR C:\WINDOWS\wt\ HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0 WebDriver 1.0 Type Library HKEY_CLASSES_ROOT\wt3d.wt HKEY_CLASSES_ROOT\wt3d.wt\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\wt3d.wt\CurVer WT3D.WT.1 HKEY_CLASSES_ROOT\wt3d.wt WT Class HKEY_CLASSES_ROOT\wt3d.wt.1 HKEY_CLASSES_ROOT\wt3d.wt.1\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\wt3d.wt.1 WT Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63}\InprocServer32 C:\WINDOWS\wt\wtwmplug.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63}\InprocServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ECF83A0-1AC9-11D4-8501-00A0CC5D1F63} WMplug Property Page HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63}\InprocServer32 C:\WINDOWS\wt\wtwmplug.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63}\InprocServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECFBE6E0-1AC8-11D4-8501-00A0CC5D1F63} WMplug HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\InprocServer32 C:\WINDOWS\wt\webdriver.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ProgID WT3D.WT.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ToolboxBitmap32 C:\WINDOWS\wt\webdriver.dll, 101 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\VersionIndependentProgID WT3D.WT HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3} WT Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000} IWTDrop HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000} IWTVector3D HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1113C0B6-5300-4D5D-B2D7-35C14B28341B} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1113C0B6-5300-4D5D-B2D7-35C14B28341B}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1113C0B6-5300-4D5D-B2D7-35C14B28341B}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1113C0B6-5300-4D5D-B2D7-35C14B28341B}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1113C0B6-5300-4D5D-B2D7-35C14B28341B}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1113C0B6-5300-4D5D-B2D7-35C14B28341B} IWTActor HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44} IWTVisualizer HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16410859-886F-4579-BC1F-330A139D0F0F} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16410859-886F-4579-BC1F-330A139D0F0F}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16410859-886F-4579-BC1F-330A139D0F0F}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16410859-886F-4579-BC1F-330A139D0F0F}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16410859-886F-4579-BC1F-330A139D0F0F}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16410859-886F-4579-BC1F-330A139D0F0F} IWTOnLoadEvent HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35ED7DFB-A8ED-4216-A4BB-BC08C326EF08} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35ED7DFB-A8ED-4216-A4BB-BC08C326EF08}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35ED7DFB-A8ED-4216-A4BB-BC08C326EF08}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35ED7DFB-A8ED-4216-A4BB-BC08C326EF08}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35ED7DFB-A8ED-4216-A4BB-BC08C326EF08}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35ED7DFB-A8ED-4216-A4BB-BC08C326EF08} IWTCollisionInfo HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64} IWTCamera HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000} IWTBitmap HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA} IWTFile HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA0C96F9-A994-42D7-9543-842CF85E1BA7} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA0C96F9-A994-42D7-9543-842CF85E1BA7}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA0C96F9-A994-42D7-9543-842CF85E1BA7}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA0C96F9-A994-42D7-9543-842CF85E1BA7}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA0C96F9-A994-42D7-9543-842CF85E1BA7}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA0C96F9-A994-42D7-9543-842CF85E1BA7} IWTJoystick HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3} IWT HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3} IWTGroup HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3} IWTAudioClip HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\0\win32 C:\WINDOWS\wt\webdriver.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\HELPDIR C:\WINDOWS\wt\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0 WebDriver 1.0 Type Library BearShare P2P more information... Details: BearShare is a file sharing network. The free version installs a number of known spyware and adware programs. Status: Ignored Infected files detected D:\Programme\BearShare\BSidle.dll d:\programme\bearshare\runmsc.dll Infected registry entries detected HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 d:\Programme\BearShare\RunMSC.dll HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\ProgID RunMSC.Loader.1 HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905} HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\VersionIndependentProgID RunMSC.Loader HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} Loader Class HKEY_CLASSES_ROOT\gnufile HKEY_CLASSES_ROOT\gnufile\shell\open\command "d:\Programme\BearShare\BearShare.exe" "%1" HKEY_CLASSES_ROOT\gnufile gnutella HKEY_CLASSES_ROOT\gnufile BrowserFlags 8 HKEY_CLASSES_ROOT\gnufile EditFlags 65536 HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905} HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\0\win32 d:\Programme\BearShare\RunMSC.dll HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\HELPDIR d:\Programme\BearShare\ HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0 RunMSC 1.0 Type Library HKEY_CURRENT_USER\appevents\eventlabels\bearsharechatnotifymsg HKEY_CURRENT_USER\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting HKEY_CURRENT_USER\appevents\schemes\apps\bearshare HKEY_CURRENT_USER\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg\.Current d:\Programme\BearShare\sounds\notify.wav HKEY_CURRENT_USER\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg HKEY_CURRENT_USER\appevents\schemes\apps\bearshare BearShare HKEY_LOCAL_MACHINE\software\bearshare HKEY_LOCAL_MACHINE\software\bearshare InstallDir d:\Programme\BearShare HKEY_LOCAL_MACHINE\software\classes\gnufile HKEY_LOCAL_MACHINE\software\classes\gnufile\shell\open\command "d:\Programme\BearShare\BearShare.exe" "%1" HKEY_LOCAL_MACHINE\software\classes\gnufile gnutella HKEY_LOCAL_MACHINE\software\classes\gnufile BrowserFlags 8 HKEY_LOCAL_MACHINE\software\classes\gnufile EditFlags 65536 HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905} HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\0\win32 d:\Programme\BearShare\RunMSC.dll HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\HELPDIR d:\Programme\BearShare\ HKEY_LOCAL_MACHINE\software\classes\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0 RunMSC 1.0 Type Library HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare DisplayName BearShare HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare UninstallString D:\PROGRA~1\BEARSH~2\UNWISE.EXE D:\PROGRA~1\BEARSH~2\INSTALL.LOG HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare DisplayVersion 5.2.5.6 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare HelpLink http://bearshare.com/help.htm HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare Publisher Free Peers, Inc. HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare URLInfoAbout http://www.freepeers.com HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bearshare DisplayIcon d:\Programme\BearShare\BearShare.exe,-128 HKEY_USERS\.default\appevents\eventlabels\bearsharechatnotifymsg HKEY_USERS\.default\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting HKEY_USERS\.default\appevents\schemes\apps\bearshare HKEY_USERS\.default\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg\.Current d:\Programme\BearShare\sounds\notify.wav HKEY_USERS\.default\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg HKEY_USERS\.default\appevents\schemes\apps\bearshare BearShare HKEY_USERS\s-1-5-18\appevents\eventlabels\bearsharechatnotifymsg HKEY_USERS\s-1-5-18\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg\.Current d:\Programme\BearShare\sounds\notify.wav HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg HKEY_USERS\s-1-5-18\appevents\schemes\apps\bearshare BearShare WhenU.SaveNow Adware more information... Details: an advertising application that displays pop-up advertising on the desktop in response to users' surfing behavior. Status: Ignored Infected files detected D:\Programme\BearShare\RunMSC.dll D:\Programme\BearShare\Webstats.exe D:\Programme\BearShare\Webstats.ini Infected registry entries detected HKEY_LOCAL_MACHINE\software\classes\runmsc.loader.1\clsid HKEY_LOCAL_MACHINE\software\classes\runmsc.loader.1\clsid {9F95F736-0F62-4214-A4B4-CAA6738D4C07} HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\clsid HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\clsid {9F95F736-0F62-4214-A4B4-CAA6738D4C07} HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\curver HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\curver RunMSC.Loader.1 HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97} HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905} HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97} ILoader HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 d:\Programme\BearShare\RunMSC.dll HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\ProgID RunMSC.Loader.1 HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905} HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\VersionIndependentProgID RunMSC.Loader HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} Loader Class Neoturk RAT more information... Status: Ignored Infected files detected D:\Programme\Valve\Steam\SteamApps\freestyler4ever\counter-strike source\cstrike\sound\admin_plugin\hlvb.wav RBot.steam Trojan more information... Status: Ignored Infected files detected E:\Programme\Half life\platform\steam_dev.exe Zango Search Assistant Adware more information... Details: Zango Search Assistant opens new browser windows showing websites based on the previous websites you visit. Status: Ignored Infected registry entries detected HKEY_CURRENT_USER\Software\zango HKEY_CURRENT_USER\Software\zango last_conn_h 29806480 HKEY_CURRENT_USER\Software\zango last_conn_l -1582751626 HKEY_CURRENT_USER\Software\zango we 2 HKEY_CURRENT_USER\Software\zango cdata 01zM8fY4Pjz%2f2eU5ykwF2WKD4i7vOGf68ZAm01xPGNy3gRrwg5yCweqAgVctm%2b%2bHrHy yVbCqMA28GyUdV7TLQQwPYJNobfxpZwP8D6Iqd%2b LZmgTu%2fw%2fNv9nrsrSnWJeVYYOVwmomfWl5YZRa9aY5 16%2fRYAPdq4woflQ%2bRS6T2a5tVuk89bGADwPruQ%2f%2fAh2fYeC HKEY_CURRENT_USER\Software\zango TimeOffset -25200 HKEY_CURRENT_USER\Software\zango geourl_current_version 12 HKEY_CURRENT_USER\Software\zango geourl_last_full_version 12 HKEY_CURRENT_USER\Software\zango actionurl_current_version 575 HKEY_CURRENT_USER\Software\zango actionurl_last_full_version 571 HKEY_CURRENT_USER\Software\zango keyword_current_version 985 HKEY_CURRENT_USER\Software\zango keyword_last_full_version 979 HKEY_CURRENT_USER\Software\zango recent_shown HKEY_CURRENT_USER\Software\zango key_int_high 29807577 HKEY_CURRENT_USER\Software\zango key_int_low 304654458 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ProgID ClientAX.ClientInstaller.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\VersionIndependentProgID ClientAX.ClientInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} ClientInstaller Class HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango DisplayName Zango Search Assistant HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango UninstallString c:\programme\zango\zango.exe /uninst_simple_init=y HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango DisplayIcon c:\programme\zango\zango.exe,5 HKEY_CURRENT_USER\Software\zango HKEY_CURRENT_USER\Software\zango last_conn_h 29806480 HKEY_CURRENT_USER\Software\zango last_conn_l -1582751626 HKEY_CURRENT_USER\Software\zango we 2 HKEY_CURRENT_USER\Software\zango cdata 01zM8fY4Pjz%2f2eU5ykwF2WKD4i7vOGf68ZAm01xPGNy3gRrwg5yCweqAgVctm%2b%2bHrHyyVbCqMA28GyUdV7 TLQQwPYJNobfxpZwP8D6Iqd%2bLZmgTu%2fw%2fNv9nrsrSnWJeVYYOVwmomfWl5YZRa9aY516%2fRYAPdq4wof lQ%2bRS6T2a5tVuk89bGADwPruQ%2f%2fAh2fYeC HKEY_CURRENT_USER\Software\zango TimeOffset -25200 HKEY_CURRENT_USER\Software\zango geourl_current_version 12 HKEY_CURRENT_USER\Software\zango geourl_last_full_version 12 HKEY_CURRENT_USER\Software\zango actionurl_current_version 575 HKEY_CURRENT_USER\Software\zango actionurl_last_full_version 571 HKEY_CURRENT_USER\Software\zango keyword_current_version 985 HKEY_CURRENT_USER\Software\zango keyword_last_full_version 979 HKEY_CURRENT_USER\Software\zango recent_shown HKEY_CURRENT_USER\Software\zango key_int_high 29807577 HKEY_CURRENT_USER\Software\zango key_int_low 304654458 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ProgID ClientAX.ClientInstaller.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\VersionIndependentProgID ClientAX.ClientInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} ClientInstaller Class HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango DisplayName Zango Search Assistant HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango UninstallString c:\programme\zango\zango.exe /uninst_simple_init=y HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango DisplayIcon c:\programme\zango\zango.exe,5 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ProgID ClientAX.RequiredComponent.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\VersionIndependentProgID ClientAX.RequiredComponent HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} RequiredComponent Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9} IClientInstaller2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} IClientInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} IRequiredComponent HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 ClientAX 1.0 Type Library HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Programmable HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Control HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 ClientAX 1.0 Type Library HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus\1 132497 HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ProgID ClientAX.RequiredComponent.1 HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\VersionIndependentProgID ClientAX.RequiredComponent HKEY_CLASSES_ROOT\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} RequiredComponent Class HKEY_CLASSES_ROOT\ClientAX.ClientInstaller HKEY_CLASSES_ROOT\ClientAX.ClientInstaller\CLSID {99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_CLASSES_ROOT\ClientAX.ClientInstaller\CurVer ClientAX.ClientInstaller.1 HKEY_CLASSES_ROOT\ClientAX.ClientInstaller ClientInstaller Class HKEY_CLASSES_ROOT\ClientAX.ClientInstaller.1 HKEY_CLASSES_ROOT\ClientAX.ClientInstaller.1\CLSID {99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_CLASSES_ROOT\ClientAX.ClientInstaller.1 ClientInstaller Class HKEY_CLASSES_ROOT\ClientAX.RequiredComponent HKEY_CLASSES_ROOT\ClientAX.RequiredComponent\CLSID {0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_CLASSES_ROOT\ClientAX.RequiredComponent\CurVer ClientAX.RequiredComponent.1 HKEY_CLASSES_ROOT\ClientAX.RequiredComponent RequiredComponent Class HKEY_CLASSES_ROOT\ClientAX.RequiredComponent.1 HKEY_CLASSES_ROOT\ClientAX.RequiredComponent.1\CLSID {0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_CLASSES_ROOT\ClientAX.RequiredComponent.1 RequiredComponent Class My Search Bar Potentially Unwanted Software more information... Status: Ignored Infected registry entries detected HKEY_CLASSES_ROOT\clsid\{014DA6C9-189F-421a-88CD-07CFE51CFF10} HKEY_CLASSES_ROOT\clsid\{014DA6C9-189F-421a-88CD-07CFE51CFF10}\InprocServer32 C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL HKEY_CLASSES_ROOT\clsid\{014DA6C9-189F-421a-88CD-07CFE51CFF10} HKEY_CLASSES_ROOT\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} HKEY_CLASSES_ROOT\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}\InprocServer32 C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL HKEY_CLASSES_ROOT\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} 180search Assistant Adware more information... Details: 180search Assistant logs the web pages you visit, when you visit them and uploads the data to its servers. Status: Ignored Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 ClientAX 1.0 Type Library HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} IClientInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ProgID ClientAX.ClientInstaller.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\VersionIndependentProgID ClientAX.ClientInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} ClientInstaller Class HKEY_CLASSES_ROOT\interface\{2b0eceac-f597-4858-a542-d966b49055b9} HKEY_CLASSES_ROOT\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{2b0eceac-f597-4858-a542-d966b49055b9} IClientInstaller2 HKEY_LOCAL_MACHINE\software\classes\clientax.clientinstaller.1 HKEY_LOCAL_MACHINE\software\classes\clientax.clientinstaller.1\CLSID {99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_LOCAL_MACHINE\software\classes\clientax.clientinstaller.1 ClientInstaller Class HKEY_LOCAL_MACHINE\software\classes\clientax.clientinstaller HKEY_LOCAL_MACHINE\software\classes\clientax.clientinstaller\CLSID {99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_LOCAL_MACHINE\software\classes\clientax.clientinstaller\CurVer ClientAX.ClientInstaller.1 HKEY_LOCAL_MACHINE\software\classes\clientax.clientinstaller ClientInstaller Class HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9} IClientInstaller2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 ClientAX 1.0 Type Library HKEY_CLASSES_ROOT\ClientAX.RequiredComponent HKEY_CLASSES_ROOT\ClientAX.RequiredComponent\CLSID {0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_CLASSES_ROOT\ClientAX.RequiredComponent\CurVer ClientAX.RequiredComponent.1 HKEY_CLASSES_ROOT\ClientAX.RequiredComponent RequiredComponent Class HKEY_CLASSES_ROOT\ClientAX.RequiredComponent.1 HKEY_CLASSES_ROOT\ClientAX.RequiredComponent.1\CLSID {0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_CLASSES_ROOT\ClientAX.RequiredComponent.1 RequiredComponent Class HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango DisplayName Zango Search Assistant HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango UninstallString c:\programme\zango\zango.exe /uninst_simple_init=y HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango DisplayIcon c:\programme\zango\zango.exe,5 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus\1 132497 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ProgID ClientAX.ClientInstaller.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\ VersionIndependentProgID ClientAX.ClientInstaller HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287} ClientInstaller Class HKEY_CURRENT_USER\Software\zango HKEY_CURRENT_USER\Software\zango last_conn_h 29806480 HKEY_CURRENT_USER\Software\zango last_conn_l -1582751626 HKEY_CURRENT_USER\Software\zango we 2 HKEY_CURRENT_USER\Software\zango cdata 01zM8fY4Pjz%2f2eU5ykwF2WKD4i7vOGf68ZAm01xPGNy3gRrwg5yCweqAgVctm%2b%2bHrHyyVbCqMA28GyUdV7T LQQwPYJNobfxpZwP8D6Iqd%2bLZmgTu%2fw%2fNv9nrsrSnWJeVYYOVwmomfWl5YZRa9aY516% 2fRYAPdq4woflQ%2bRS6T2a5tVuk89bGADwPruQ%2f%2fAh2fYeC HKEY_CURRENT_USER\Software\zango TimeOffset -25200 HKEY_CURRENT_USER\Software\zango geourl_current_version 12 HKEY_CURRENT_USER\Software\zango geourl_last_full_version 12 HKEY_CURRENT_USER\Software\zango actionurl_current_version 575 HKEY_CURRENT_USER\Software\zango actionurl_last_full_version 571 HKEY_CURRENT_USER\Software\zango keyword_current_version 985 HKEY_CURRENT_USER\Software\zango keyword_last_full_version 979 HKEY_CURRENT_USER\Software\zango recent_shown HKEY_CURRENT_USER\Software\zango key_int_high 29807577 HKEY_CURRENT_USER\Software\zango key_int_low 304654458 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus\1 132497 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus 0 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ProgID ClientAX.RequiredComponent.1 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Version 1.0 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\VersionIndependentProgID ClientAX.RequiredComponent HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} RequiredComponent Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Control HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Programmable HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Control HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Programmable HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda} HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0 ClientAX 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 ClientAX 1.0 Type Library HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} IRequiredComponent HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} IRequiredComponent HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad} IClientInstaller HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} IClientInstaller HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} IRequiredComponent HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9} IClientInstaller2 HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9} IClientInstaller2 Adw.MyGlobalSearch.Toolbar Toolbar more information... Details: Adw.MyGlobalSearch.Toolbar is an IE plugin with its own Search Field. Status: Ignored Infected registry entries detected HKEY_CLASSES_ROOT\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32 C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL HKEY_CLASSES_ROOT\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\TypeLib {37B85A20-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} My Global Search Bar HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404} HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32 C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL HKEY_CLASSES_ROOT\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{37B8 |
|
|
||
10.09.2006, 00:20
Ehrenmitglied
Beiträge: 29434 |
#8
nee, das ist mir zuviel, da sitze ich morgen noch dran, wenn ich einen Saeuberung mit dem avenger mache...
* deinstalliere counterspy * Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein: Zitat registry keys to delete:Klicke die gruene Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten * lade, scanne und poste den scanreport http://virus-protect.org/artikel/tools/superantispyware.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
10.09.2006, 02:23
Member
Themenstarter Beiträge: 37 |
#9
So
endlich fertig^^ Das Prog sucht ja auch ewig => SUPERAntiSpyware Scan Log Generated 09/10/2006 at 01:38 AM Core Rules Database Version : 3078 Trace Rules Database Version: 1113 Memory Thread detected : 0 Registry Thread detected : 133 File Thread detected : 50 Adware.MyWay HKLM\Software\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}\InprocServer32 C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL Adware.MyGlobalSearchBar HKLM\Software\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32 HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32#ThreadingModel HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\Programmable HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\TypeLib HKU\S-1-5-21-1644491937-2025429265-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser#{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404} HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0 HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\0 HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\0\win32 HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\FLAGS HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\HELPDIR HKU\S-1-5-21-1644491937-2025429265-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{37B85A29-692B-4205-9CAD-2626E4993404} C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP544\A0101820.DLL Adware.Zango HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56F1D444-11BF-4879-A12B-79CF0177F038} Adware.Tracking Cookie C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@paypal.112.2o7[1].txt C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@rambler[2].txt C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@atwola[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@2o7[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@ad.adition[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@ad.zanox[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@adfarm1.adition[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@ads.demonews[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@ads.heias[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@ads.planetactive[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@ads.uclick[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@adultfriendfinder[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@advertising[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@as1.falkag[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@doubleclick[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@e-2dj6wjkyuhcjkbp.stats.esomniture[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@ehg-arenatv.hitbox[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@euros4click[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@hg1.hitbox[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@hitbox[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@komtrack[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@m1.webstats4u[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@mediaplex[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@mediavantage[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@partners.webmasterplan[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@usenext[2].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@webstats4u[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@www.etracker[1].txt C:\Dokumente und Einstellungen\Freestyler\Lokale Einstellungen\Temp\Cookies\freestyler@www.zanox-affiliate[1].txt Adware.180solutions/ZangoSearch C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zango\Go to Library.url C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zango\Uninstall Zango Instructions.lnk C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zango\Zango Customer Support.url C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zango HKCR\ClientAX.ClientInstaller HKCR\ClientAX.ClientInstaller\CLSID HKCR\ClientAX.ClientInstaller\CurVer HKCR\ClientAX.ClientInstaller.1 HKCR\ClientAX.ClientInstaller.1\CLSID HKCR\ClientAX.RequiredComponent HKCR\ClientAX.RequiredComponent\CLSID HKCR\ClientAX.RequiredComponent\CurVer HKCR\ClientAX.RequiredComponent.1 HKCR\ClientAX.RequiredComponent.1\CLSID HKCR\zangohook.SABHO HKCR\zangohook.SABHO\CLSID HKCR\zangohook.SABHO\CurVer HKCR\zangohook.SABHO.1 HKCR\zangohook.SABHO.1\CLSID HKU\S-1-5-21-1644491937-2025429265-725345543-1003\Software\Zango HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango#DisplayIcon HKCR\ClientAX.ZangoClientAX HKCR\ClientAX.ZangoClientAX\CLSID HKCR\ClientAX.ZangoClientAX\CurVer HKCR\ClientAX.ZangoClientAX.1 HKCR\ClientAX.ZangoClientAX.1\CLSID HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9} HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\Control HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\InprocServer32 HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\InprocServer32#ThreadingModel HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\MiscStatus HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\MiscStatus\1 HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\ProgID HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\Programmable HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\ToolboxBitmap32 HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\TypeLib HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\Version HKCR\CLSID\{51CF80DC-A309-4735-BB11-EF18BF4E3AD9}\VersionIndependentProgID HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6} HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\InprocServer32 HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\InprocServer32#ThreadingModel HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\ProgID HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\Programmable HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\TypeLib HKCR\CLSID\{F31A5D11-BF0B-4A4E-90AF-274F2090AAA6}\VersionIndependentProgID HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Control HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32#ThreadingModel HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus\1 HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ProgID HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Programmable HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ToolboxBitmap32 HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Version HKCR\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\VersionIndependentProgID HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0 HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS HKCR\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E} HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0 HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0 HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\0\win32 HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\FLAGS HKCR\TypeLib\{8BE3FABA-7468-4851-B97C-0750AF2B908E}\1.0\HELPDIR HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C} HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\ProxyStubClsid HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\ProxyStubClsid32 HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\TypeLib HKCR\Interface\{6C092742-10FE-4DB2-988D-FC71948DE70C}\TypeLib#Version HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5} HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\ProxyStubClsid HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\ProxyStubClsid32 HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\TypeLib HKCR\Interface\{7FA8976F-D00C-4E98-8729-A66569233FB5}\TypeLib#Version HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1} HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\ProxyStubClsid HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\ProxyStubClsid32 HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\TypeLib HKCR\Interface\{A16650A9-B065-40EC-BBD1-F8D370D17FB1}\TypeLib#Version HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31} HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\ProxyStubClsid HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\ProxyStubClsid32 HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\TypeLib HKCR\Interface\{BDDDF1A5-51A9-4F51-B38D-4CD0AD831B31}\TypeLib#Version HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4} HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\ProxyStubClsid HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\ProxyStubClsid32 HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\TypeLib HKCR\Interface\{E43DFAA6-8C16-4519-B022-8792408505A4}\TypeLib#Version C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP505\A0098526.exe Adware.180solutions/Search Assistant HKCR\LMgr180.WMDRMAx HKCR\LMgr180.WMDRMAx\CLSID HKCR\LMgr180.WMDRMAx\CurVer HKCR\LMgr180.WMDRMAx.1 HKCR\LMgr180.WMDRMAx.1\CLSID HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9} HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid32 HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib HKCR\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib#Version HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32 HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib HKCR\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib#Version HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid32 HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib HKCR\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib#Version C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP505\A0098522.dll C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP505\A0098524.exe C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP534\A0101082.dll C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP534\A0101083.exe C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP544\A0101823.exe C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP544\A0101824.dll BearShare File Sharing Client D:\Programme\BearShare\BearShare.exe C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\BearShare.lnk C:\Dokumente und Einstellungen\Freestyler\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk C:\Dokumente und Einstellungen\Freestyler\Desktop\Verknüpfungen usw\Bearshare\BearShare.lnk C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP522\A0099235.lnk C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP545\A0102082.lnk Unclassified.Unknown Origin C:\Programme\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\Restart.exe Adware.Zango Toolbar C:\System Volume Information\_restore{A5864215-ABDF-42F8-945F-93AF85B0410E}\RP505\A0098525.dll |
|
|
||
10.09.2006, 12:44
Ehrenmitglied
Beiträge: 29434 |
#10
nun poste das neue Log vom HijackThis.
dann lade Firefox und surfe nur noch mit diesem Browser, der IE bleibt fuer die WindowsUpdates. http://virus-protect.org/firefox.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
10.09.2006, 13:38
Member
Themenstarter Beiträge: 37 |
#11
Hmm, na gut.
Werd versuchen mich dran zu halten^^ Logfile of HijackThis v1.99.1 Scan saved at 13:37:50, on 10.09.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Programme\AntiVir PersonalEdition Classic\sched.exe C:\Programme\AntiVir PersonalEdition Classic\avguard.exe e:\Programme\ewido anti-malware\ewidoctrl.exe C:\Programme\Firebird\Firebird_1_5\bin\fbguard.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Ideazon\Zboard Software\Driver\ZboardTray.exe C:\Programme\Razer\razertra.exe C:\Programme\Razer\razerhid.exe D:\Programme\QuickTime\qttask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programme\Razer\razerofa.exe C:\WINDOWS\system32\RunDll32.exe C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe C:\Programme\Ideazon\Zboard Software\Driver\Zboard.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\ElkCtrl.exe D:\Programme\Java\jre1.5.0_08\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Firebird\Firebird_1_5\bin\fbserver.exe D:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe D:\Programme\ICQLite\ICQLite.exe C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Dokumente und Einstellungen\Freestyler\Desktop\AntivirenZeugs\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastminute-auction.com/de/ O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {37B85A21-692B-4205-9CAD-2626E4993404} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [razertra] C:\Programme\Razer\razertra.exe O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CloneCDElbyCDFL] "e:\Programme\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [ICQ Lite] "d:\Programme\ICQLite\ICQLite.exe" -minimize O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programme\Logitech\Video\CameraAssistant.exe O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programme\Logitech\Video\InstallHelper.exe /inspect O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programme\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "d:\Programme\Winamp\Winampa.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] e:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot O4 - Global Startup: Adobe Reader - Schnellstart.lnk = D:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Translate English Word - res://c:\programme\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\programme\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - d:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - d:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{984E62DF-99C2-425F-BEB2-8F5935F94241}: NameServer = 192.168.0.1 O20 - Winlogon Notify: SASWinLogon - D:\Programme\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: Zboard - C:\WINDOWS\SYSTEM32\Winlognotif.dll O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ewido security suite control - ewido networks - e:\Programme\ewido anti-malware\ewidoctrl.exe O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Programme\Firebird\Firebird_1_5\bin\fbguard.exe O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Programme\Firebird\Firebird_1_5\bin\fbserver.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) |
|
|
||
10.09.2006, 14:11
Ehrenmitglied
Beiträge: 29434 |
#12
fixe mit dem HijackThis:
Zitat O2 - BHO: (no name) - {37B85A21-692B-4205-9CAD-2626E4993404} - (no file)PC neustarten installiere den ICQLite neu. ---------------------------------------------------- Start - Programme - Zubehör - Systemprogramme - Datenträgerbereinigung - Click:Temporäre Internet Files/Temporäre Internet Dateien, o.k. - Click:Temporäre Dateien, o.k ** mit dem IE: scanne mit panda und poste den scanreport http://virus-protect.org/onlinescan.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
10.09.2006, 19:52
Member
Themenstarter Beiträge: 37 |
#13
Incident Status Location
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Programme\Mozilla Firefox\plugins\NPMyGlSh.dll Adware:adware/atlas Not disinfected c:\windows\switpc.dat Adware:adware/ist.istbar Not disinfected c:\programme\gemeinsame dateien\Totem Shared Adware:adware/cws Not disinfected Windows Registry Potentially unwanted tool:application/mywebsearch Not disinfected hkey_local_machine\software\MyGlobalSearch Potentially unwanted tool:application/myway Not disinfected hkey_classes_root\clsid\{014DA6C9-189F-421a-88CD-07CFE51CFF10} Adware:adware/savenow Not disinfected Windows Registry Adware:adware/powerscan Not disinfected Windows Registry Adware:adware/comet Not disinfected Windows Registry Potentially unwanted tool:Application/Zango Not disinfected C:\avenger\backup-10.09.2006- 0.47.20,84.zip[avenger/ClientAX.dll] Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\avenger\backup-10.09.2006- 0.47.20,84.zip[avenger/MyGlobalSearch/bar/1.bin/M9PLUGIN.DLL] Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\avenger\backup-10.09.2006- 0.47.20,84.zip[avenger/MyGlobalSearch/bar/1.bin/MGSBAR.DLL] Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\avenger\backup-10.09.2006- 0.47.20,84.zip[avenger/MyGlobalSearch/bar/1.bin/NPMYGLSH.DLL] Potentially unwanted tool:Application/Zango Not disinfected C:\avenger\backup-10.09.2006- 0.47.20,84.zip[avenger/Zango/zango.exe] Potentially unwanted tool:Application/Zango Not disinfected C:\avenger\backup-10.09.2006- 0.47.20,84.zip[avenger/Zango/zangohook.dll] Spyware:Cookie/Tradedoubler Not disinfected C:\Dokumente und Einstellungen\Freestyler\Anwendungsdaten\Mozilla\Firefox\Profiles\ermb26za.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Hitbox Not disinfected C:\Dokumente und Einstellungen\Freestyler\Anwendungsdaten\Mozilla\Firefox\Profiles\ermb26za.default\cookies.txt[.hitbox.com/] Spyware:Cookie/Advertising Not disinfected C:\Dokumente und Einstellungen\Freestyler\Anwendungsdaten\Mozilla\Firefox\Profiles\ermb26za.default\cookies.txt[.advertising.com/] Spyware:Cookie/Mediaplex Not disinfected C:\Dokumente und Einstellungen\Freestyler\Anwendungsdaten\Mozilla\Firefox\Profiles\ermb26za.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Freestyler\Anwendungsdaten\Mozilla\Firefox\Profiles\ermb26za.default\cookies.txt[as1.falkag.de/] Spyware:Cookie/2o7 Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@2o7[1].txt Spyware:Cookie/adultfriendfinder Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@adultfriendfinder[2].txt Spyware:Cookie/Advertising Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@advertising[1].txt Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@as1.falkag[2].txt Spyware:Cookie/Atwola Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@atwola[1].txt Spyware:Cookie/Com.com Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@com[1].txt Spyware:Cookie/cs.sexcounter Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@cs.sexcounter[2].txt Spyware:Cookie/Doubleclick Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@doubleclick[1].txt Spyware:Cookie/Serving-sys Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@serving-sys[1].txt Spyware:Cookie/SexList Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@sexlist[2].txt Spyware:Cookie/Tradedoubler Not disinfected C:\Dokumente und Einstellungen\Freestyler\Cookies\freestyler@tradedoubler[2].txt Potentially unwanted tool:Application/Zango Not disinfected C:\Programme\Mozilla Firefox\plugins\npclntax.dll Potentially unwanted tool:Application/Zango Not disinfected D:\Programme\BearShare\BearShareZangoInstaller.exe |
|
|
||
10.09.2006, 21:44
Ehrenmitglied
Beiträge: 29434 |
#14
nix1990
Avenger Zitat Files to delete:** loesche alle backups vom avenger C:\avenger\backup-10.09.2006- 0.47.20,84.zip ** lade keinen Muell mehr, wenn du in Zukunft in Ruhe im Net surfen willst...siehe: BearShare __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
10.09.2006, 22:19
Member
Themenstarter Beiträge: 37 |
#15
Hm ja ich weiß schon das BearShare n Haufen ungewolltes Zeugs reinholt. Aber wo soll man denn sonst Illegal seine Musik herbekommen?
Kannst du mir nen sicheres Filesharing Programm empfehlen? ach ja kurze Frage noch. Ich weiß das das hier nich hingehört und das mir da auch bestimmt keiner Helfen kann Aber seitdem hier vor Monaten nen Blitz eingeschlagen und den Strom gekappt hat denkt mein PC meine Windows Version sei gefälscht und nervt mich immer damit eine neue zu kaufen. Da kann man aber nichts machen als wirklich ne neue kaufen oder? Danke schon mal MfG Julien |
|
|
||
in letzter Zeit hab ich n ziemlich extremes Problem.
Seit ner Woche oder so schmiert mein Internet Explorer sowie mein Icq immer mal wieder mit dieser
"xyz hat ein Problem festgestellt und musste beendet werden"
Meldung ab.
Seit heute morgen brauch ich mich bei icq nur noch anzumelden bzw den IE anmachen und schon kommt die Meldung.
Ich denke mal da hab ich mir was richtig gutes eingefangen und hoffe das ich das Prob ohne Formatierung beheben kann.
Hier mein Hijack log
Logfile of HijackThis v1.99.1
Scan saved at 15:33:27, on 09.09.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
e:\Programme\ewido anti-malware\ewidoctrl.exe
C:\Programme\Firebird\Firebird_1_5\bin\fbguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Ideazon\Zboard Software\Driver\ZboardTray.exe
C:\Programme\Razer\razertra.exe
C:\Programme\Razer\razerhid.exe
C:\Programme\Razer\razerofa.exe
D:\Programme\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Ideazon\Zboard Software\Driver\Zboard.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\system32\ElkCtrl.exe
D:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
E:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\dwwin.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\dwwin.exe
C:\Dokumente und Einstellungen\Freestyler\Desktop\AntivirenZeugs\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lastminute-auction.com/de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Zango Search Assistant Helper /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B94E3D679557D4E2139CF - {56F1D444-11BF-4879-A12B-79CF0177F038} - c:\programme\zango\zangohook.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Programme\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [razertra] C:\Programme\Razer\razertra.exe
O4 - HKLM\..\Run: [razer] C:\Programme\Razer\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "e:\Programme\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ICQ Lite] "d:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programme\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programme\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Programme\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "d:\Programme\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [zango] "c:\programme\zango\zango.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] e:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = D:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://c:\programme\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programme\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - d:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - d:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - e:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - e:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{984E62DF-99C2-425F-BEB2-8F5935F94241}: NameServer = 192.168.0.1
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: Zboard - C:\WINDOWS\SYSTEM32\Winlognotif.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido security suite control - ewido networks - e:\Programme\ewido anti-malware\ewidoctrl.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Programme\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Programme\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
Hoffentlich könnt ihr mir helfen!
MfG Julien