Duplicate IEXPLORE.EXE in Task Manager/Processes
Thread is closed!

06.10.2006, 22:59
Member
Thread starter Posts: 13

06.10.2006, 23:44
Honorary member
Posts: 29434
#17
I did write that you should set everything to "remove" after the scan..........
Status: Ignored - that is not recommended
__________
Kind regards, Sabina
all about PC security

07.10.2006, 09:05
Member
Thread starter Posts: 13
#18
Sorry,
I will run the scan again and then set everything to Remove. The 6 requested logs:
When the CounterSpy scan is finished, I will send you the report.

07.10.2006, 09:16
Honorary member
Posts: 29434
#19
1. My Computer --> right-click, then Properties ---> System Restore tab ---> tick "Turn off System Restore on all drives".
2. Have everything deleted - and post the scan report
http://virus-protect.org/cureit.html
3. Re-enable System Restore
__________
Kind regards, Sabina
all about PC security

07.10.2006, 09:51
Member
Thread starter Posts: 13
#20
The scan is already running, but I cannot open System Restore. Neither via My Computer/Properties nor via Start/Programs/Accessories/System Tools. I always get Windows error messages: "rstui.exe hat ein Problem festgestellt und muß beendet werden." or "rundll32.exe hat ein Problem festgestellt und muß beendet werden." Maybe it can wait until after the scan. I will surely have to restart for it to work again.
OK, the scan is now finished; I set everything to remove and deleted it. Here is the report:
Spyware Scan Details
Start Date: 07.10.2006 09:06:14
End Date: 07.10.2006 13:40:37
Total Time: 4 hrs 34 mins 23 secs
Detected spyware
Need2FindBar Potentially Unwanted Program more information...
Details: Need2FindBar is a browser helper object (BHO) toolbar that has a search function.
Status: Deleted
Infected files detected
c:\programme\need2find\bar\history\search
Infected registry entries detected
AntiLeech Plugin Adware (General) more information...
Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software.
Status: Deleted
Infected files detected
Infected registry entries detected
Twain Tech Adware (General) more information...
Details: Twain-Tech is an adware based Internet Explorer browser helper object that deliver targeted ads based on a user's browsing patters. Twain-Tech does not provide any other relevant purpose other then to display pop-up ads.
Status: Deleted
Infected files detected
c:\windows\smdat32m.sys
WindUpdates.MediaAccess Adware (General) more information...
Details: WindUpdates.MediaAccess is an adware program that spawns pop-ups on the desktop.
Status: Deleted
Infected files detected
I:\Briefe\2-Glasbestellung.xls
Hacktool.Rootkit Rootkit more information...
Status: Deleted
Infected files detected
I:\Umschulung\Michel\Schule Daten\totalcmd\WC32TO16.EXE
Altnet P2P Networking Low Risk Adware more information...
Details: Altnet P2P Networking is a program that uses peer-to-peer functionality to enable the delivery of content, including advertising, to PC desktops. This content may be used by other programs.
Status: Deleted
Infected registry entries detected
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\p2p networking
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\p2p networking SlowInfoCache
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\p2p networking Changed 0
HKEY_LOCAL_MACHINE\SOFTWARE\P2P Networking
eDonkey2000 P2P Program more information...
Details: eDonkey2000 is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Deleted
Infected registry entries detected
Grokster P2P Program more information...
Details: Grokster is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Deleted
Infected registry entries detected
HKEY_CLASSES_ROOT\AppID\{967DCD56-B0E3-4965-B87D-59342FFA9BAA}
HKEY_CLASSES_ROOT\AppID\{967DCD56-B0E3-4965-B87D-59342FFA9BAA} TicTacToe
NetPumper Adware Bundler more information...
Details: Bundles with a number of adware components.
Status: Deleted
Infected registry entries detected
Accoona.Toolbar Toolbar more information...
Details: The Accoona Toolbar is a Internet Explorer toolbar that is bundled and installed with other programs.
Status: Deleted
Infected registry entries detected
HKEY_CLASSES_ROOT\ASearchAssist.ADefaultSearch.1
HKEY_CLASSES_ROOT\ASearchAssist.ADefaultSearch.1\CLSID {944864A5-3916-46E2-96A9-A2E84F3F1208}
HKEY_CLASSES_ROOT\ASearchAssist.ADefaultSearch.1 ADefaultSearch Class
Cookie: PriceBandit Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@apmebf[2].txt
Cookie: ATDMT.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@atdmt[1].txt
Cookie: DoubleClick Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@doubleclick[1].txt
Cookie: Radar Spy Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@tradedoubler[1].txt
This post was edited by Fränk268 on 07.10.2006 at 13:58.

07.10.2006, 17:51
Honorary member
Posts: 29434
#21
There is the option of booting from the WINXP CD and using the repair mode;
then you have to redo the Windows updates. Then come back with a new HijackThis log.
__________
Kind regards, Sabina
all about PC security

08.10.2006, 19:28
Member
Thread starter Posts: 13
#22
How does that work with the WINXP CD? When I boot from it and then press R for repair, Windows boots up normally by itself after the text "mit Exit können sie die Wiederherstellungskonsole beenden" appears, without my having pressed another key. Is that normal?
Has Windows then already been restored? I have Windows XP Home.

09.10.2006, 09:37
Honorary member
Posts: 29434
#23
Have a look here, choose "repair, do not format"
http://www.informationsarchiv.net/foren/p_beitrag-143645.html
__________
Kind regards, Sabina
all about PC security

11.10.2006, 05:58
Member
Themenstarter Beiträge: 13 |
#24
Ich habe das Setup mit reparieren 3 mal probiert. Die ersten 2 mal kam beim suchen nach einer installierten Windowsversion, jedes mal ein Bluescreen mit Fehleranzeige der setupdd.exe.
Beim 2. mal hat das Setup ein chkdsk gemacht und irgendwas repariert. Beim 3. mal hat das Setup keine Festplatte mehr gefunden. Dann habe ich die Festplatte ausgebaut und an einen anderen PC als Slave angeschlossen um zu versuchen Daten zu retten, siehe da sie funktioniert einwandfrei. Ist es vieleicht möglich das der Bootsektor der Platte defekt ist? |
|
|
||
11.10.2006, 10:00
Honorary member
Posts: 29434
#25
If the disk works in another computer, it cannot be defective....
Connect it normally again and report whether the computer boots up normally.
__________
Kind regards, Sabina
all about PC security

15.10.2006, 22:04
Member
Themenstarter Beiträge: 13 |
#26
Ja die Platte ist neu hochgefahren aber Die Systemherrstellung geht immer noch nicht. Wollte XP jetzt nochmal drüber installieren, ging aber nicht.
Habe mir jetzt eine neue Platte gekauft und benutze die Alte als 2. Platte zusätzlich. Da läuft sie ohne murren. Ist wiedermal viel Arbeit alles neu zu installieren. Trotzdem Danke für Eure Hilfe. War sehr zufieden mit Euch und werde Euch weiterempfehlen. MfG Fränk268 |
|
|
||
(I will send the other 6 log files tomorrow. Unfortunately I have to stop for now, sorry)
Spyware Scan Details
Start Date: 06.10.2006 16:54:16
End Date: 06.10.2006 22:15:57
Total Time: 5 hrs 21 mins 41 secs
Detected spyware
Need2FindBar Potentially Unwanted Program more information...
Details: Need2FindBar is a browser helper object (BHO) toolbar that has a search function.
Status: Ignored
Infected files detected
c:\programme\need2find\bar\history\search
Infected registry entries detected
AntiLeech Plugin Adware (General) more information...
Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software.
Status: Ignored
Infected files detected
Infected registry entries detected
Twain Tech Adware (General) more information...
Details: Twain-Tech is an adware based Internet Explorer browser helper object that deliver targeted ads based on a user's browsing patters. Twain-Tech does not provide any other relevant purpose other then to display pop-up ads.
Status: Ignored
Infected files detected
c:\windows\smdat32m.sys
WindUpdates.MediaAccess Adware (General) more information...
Details: WindUpdates.MediaAccess is an adware program that spawns pop-ups on the desktop.
Status: Ignored
Infected files detected
I:\Briefe\2-Glasbestellung.xls
Hacktool.Rootkit Rootkit more information...
Status: Ignored
Infected files detected
I:\Umschulung\Michel\Schule Daten\totalcmd\WC32TO16.EXE
Altnet P2P Networking Low Risk Adware more information...
Details: Altnet P2P Networking is a program that uses peer-to-peer functionality to enable the delivery of content, including advertising, to PC desktops. This content may be used by other programs.
Status: Ignored
Infected registry entries detected
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\p2p networking
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\p2p networking SlowInfoCache
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\p2p networking Changed 0
HKEY_LOCAL_MACHINE\SOFTWARE\P2P Networking
eDonkey2000 P2P Program
Details: eDonkey2000 is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Ignored
Infected registry entries detected
HKEY_CLASSES_ROOT\CLSID\{320154BB-D666-48F6-990E-172B32954620}
HKEY_CLASSES_ROOT\CLSID\{320154BB-D666-48F6-990E-172B32954620}\InProcServer32 F:\Programme\eDonkey2000 Lite\plugins\ed2kie.dll
HKEY_CLASSES_ROOT\CLSID\{320154BB-D666-48F6-990E-172B32954620}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\CLSID\{320154BB-D666-48F6-990E-172B32954620}\ProgID eD2KDownloadManager.object.1
HKEY_CLASSES_ROOT\CLSID\{320154BB-D666-48F6-990E-172B32954620}\TypeLib {379919F2-1612-45B7-B9F4-773F6D5214F5}
HKEY_CLASSES_ROOT\CLSID\{320154BB-D666-48F6-990E-172B32954620}\VersionIndependentProgID eD2KDownloadManager.object
HKEY_CLASSES_ROOT\CLSID\{320154BB-D666-48F6-990E-172B32954620} eD2K downloadManager object
Grokster P2P Program
Details: Grokster is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Ignored
Infected registry entries detected
HKEY_CLASSES_ROOT\AppID\{967DCD56-B0E3-4965-B87D-59342FFA9BAA}
HKEY_CLASSES_ROOT\AppID\{967DCD56-B0E3-4965-B87D-59342FFA9BAA} TicTacToe
NetPumper Adware Bundler
Details: Bundles with a number of adware components.
Status: Ignored
Infected registry entries detected
Accoona.Toolbar Toolbar
Details: The Accoona Toolbar is a Internet Explorer toolbar that is bundled and installed with other programs.
Status: Ignored
Infected registry entries detected
HKEY_CLASSES_ROOT\ASearchAssist.ADefaultSearch.1
HKEY_CLASSES_ROOT\ASearchAssist.ADefaultSearch.1\CLSID {944864A5-3916-46E2-96A9-A2E84F3F1208}
HKEY_CLASSES_ROOT\ASearchAssist.ADefaultSearch.1 ADefaultSearch Class
Cookie: PriceBandit Cookie (General)
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Ignored
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@apmebf[2].txt
Cookie: ATDMT.com Cookie (General)
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Ignored
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@atdmt[1].txt
Cookie: DoubleClick Cookie (General)
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Ignored
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@doubleclick[1].txt
Cookie: Radar Spy Cookie (General)
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Ignored
Infected cookies detected
c:\dokumente und einstellungen\fränk\cookies\fränk@tradedoubler[1].txt