Spyware Infection auf dem Desktop !?!

#0
03.12.2006, 14:00
Member

Beiträge: 15
#1 Also folgendes:
Meine Freundin hat auf ihrem Computer Desktop ständig die Meldung "Spyware Infection" in rot, auf einem schwarzen Hintergrund mit Blauem Rahmen. "Your System is infected with spyware. Windows recommends you to use a spyware removal tool to prevent loss of important data,..."
Beim Hochfahren kommt kurz das eigentliche Hintergrundbild und dann die Meldung, welche nicht mehr weg geht. Im Prinzip funktioniert der Computer, aber der hässliche Hintergrund nervt schon ein wenig^^
Auf dem Computer meiner Freundin ist Wartung und Update ein Fremdwort. Aber trotz allem hat sie warum auch immer diverse Programme installiert:
TuneUp und Norton Utilities, Spybot, Winfixer 2005, DATA Becker und noch Antivir... Das wären die Programme, die vielleicht der Auslöser des Problems sein könnten... Aber sie hat noch viel mehr drauf. Ich persönlich würde behaupten, dass da zu viel Müll drauf ist. Allein mit CleanUP hab ich über 2GB temporäre Dateien gelöscht...

Was ich noch gesehen habe war ein "Programm" das Zango heißt und mit dem man so Javagames oder ähnliches runterladen kann.

Hat jemand Hilfe??

HiJack sagt das:
Logfile of HijackThis v1.99.1
Scan saved at 13:33:11, on 03.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\AVPersonal\AVSCHED32.EXE
C:\Programme\QuickTime\qttask.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-COM\T-COM WLAN Manager T-Sinus 154data\Installer\WINXP\DTUSB11GMonitor.exe
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\oodag.exe
C:\Programme\Speed Disk\nopdb.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Franziska\Desktop\Wartung\Neuer Ordner\hijackthis_199\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;10.*;*.bwl.de
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O1 - Hosts: 69.64.35.177 auto.search.msn.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6EF2B03F-36B0-47F2-AC9C-B20C9C3A72B3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {78364D99-A640-4ddf-B91A-67EFF8373045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSCHED32.EXE /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zango] "c:\programme\zango\zango.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: T-COM WLAN Manager T-Sinus 154data.lnk = C:\Programme\T-COM\T-COM WLAN Manager T-Sinus 154data\Installer\WINXP\DTUSB11GMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {00000000-7777-0704-0B53-2C8830E9FAEC} - http://gn.one2bill.de/soft/axload.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107711238131
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} - http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.serviceurl.de/InstallationsAssistent.ocx
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programme\Speed Disk\nopdb.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Seitenanfang Seitenende
03.12.2006, 16:37
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
Seitenanfang Seitenende
04.12.2006, 17:05
Member

Themenstarter

Beiträge: 15
#3 Franziska - 06-12-04 16:58:08,69 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Programme\Mozilla Firefox"

((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 ))))))))))))))))))))))))))))))))))


2006-12-04 07:03 <DIR> dr-h----- C:\Dokumente und Einstellungen\Franziska\Recent
2006-12-03 13:31 <DIR> d-------- C:\avenger
2006-12-03 13:01 <DIR> d-------- C:\Programme\CleanUp!
2006-11-13 21:27 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2006-11-13 21:27 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2006-11-13 21:27 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2006-11-13 21:27 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2006-11-13 21:27 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe
2006-11-13 21:26 <DIR> d-------- C:\Programme\Winamp


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-04 16:58 -------- d-------- C:\Programme\Mozilla Firefox
2006-12-04 16:34 -------- d-------- C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten\Skype
2006-12-02 10:44 -------- d-------- C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten\Adobe
2006-11-27 19:19 8 --a------ C:\WINDOWS\system32\CtSACKey.sys
2006-10-29 18:53 -------- d-------- C:\Programme\ElsterFormular2005
2006-10-28 11:26 -------- d---s---- C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten\Microsoft
2006-10-05 18:40 -------- d-------- C:\Programme\AVPersonal


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Skype"="\"C:\\Programme\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"="C:\\Programme\\ICQLite\\ICQLite.exe -trayboot"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AVGCtrl"="C:\\Programme\\AVPersonal\\AVGNT.EXE /min"
"AVSCHED32"="C:\\Programme\\AVPersonal\\AVSCHED32.EXE /min"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"zango"="\"c:\\programme\\zango\\zango.exe\""
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"ICQ Lite"="\"C:\\Programme\\ICQLite\\ICQLite.exe\" -minimize"
"SunJavaUpdateSched"="C:\\Programme\\Java\\jre1.5.0_06\\bin\\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="http://home.arcor.de/manuel.schaich/berti&ich.JPG"
"SubscribedURL"="http://home.arcor.de/manuel.schaich/berti&ich.JPG"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,12,03,00,00,19,01,00,00,00,05,00,00,c0,03,00,00,e8,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000001
"OriginalStateInfo"=hex:18,00,00,00,12,03,00,00,19,01,00,00,00,05,00,00,c0,03,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:14,6d,ef,05,41,c0,ac,74,e8,11,23,00,68,de,ef,05,20,6d,\
ef,05,3c,40,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="file:///C:/DOKUME~1/FRANZI~1/LOKALE~1/Temp/msohtml1/01/clip_image001.jpg"
"SubscribedURL"="file:///C:/DOKUME~1/FRANZI~1/LOKALE~1/Temp/msohtml1/01/clip_image001.jpg"
"FriendlyName"=""
"Flags"=dword:00000001
"Position"=hex:2c,00,00,00,7e,01,00,00,64,01,00,00,f4,01,00,00,77,01,00,00,ea,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:00000001
"OriginalStateInfo"=hex:18,00,00,00,92,03,00,00,64,01,00,00,f4,01,00,00,77,01,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:dc,ff,eb,03,f3,99,83,7c,70,9a,80,7c,ff,ff,ff,ff,66,9a,\
80,7c,66,9a,80,7c

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,ec,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"Wallpaper"="C:\\WINDOWS\\desktop.html"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00
"NoFavoritesMenu"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000001
"NoWindowsUpdate"=dword:00000001
"NoActiveDesktop"=dword:00000000
"ClassicShell"=dword:00000000
"ForceActiveDesktopOn"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk]
"path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Adobe Reader - Schnellstart.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader - Schnellstart.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader - Schnellstart"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Norton System Doctor.lnk]
"path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Norton System Doctor.lnk"
"backup"="C:\\WINDOWS\\pss\\Norton System Doctor.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\NORTON~1\\SYSDOC32.EXE /STARTUP"
"item"="Norton System Doctor"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvCpl"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvMcTray"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /install"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSDrvCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PSDrvCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\PSDrvCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Programme\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mobsync"
"hkey"="HKLM"
"command"="%SystemRoot%\\system32\\mobsync.exe /logon"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeUpdateManager"
"hkey"="HKCU"
"command"="C:\\Programme\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinMedia32]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winmedia32"
"hkey"="HKLM"
"command"="winmedia32.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XPoe-Runtime]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="xpoerunt"
"hkey"="HKCU"
"command"="C:\\Programme\\DATA BECKER\\XP optimal einstellen 2.0\\xpoerunt.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zango]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="zango"
"hkey"="HKLM"
"command"="\"c:\\programme\\zango\\zango.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NProtectService"=dword:00000002

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\df_kmd.sys

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Klick-Wartung.job

Completion time: 06-12-04 16:58:50.75
C:\ComboFix.txt ... 06-12-04 16:58
C:\ComboFix2.txt ... 06-12-04 16:55
Seitenanfang Seitenende
04.12.2006, 17:08
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#4 1.
arbeite cleanup ab
http://virus-protect.org/cleanup.html

2.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint

Zitat

cd\
dir "C:\Windows\System32\Com" >>files.txt
dir "C:\Windows\system32\config" >>files.txt
dir "C:\WINDOWS\system32\components" >>files.txt
dir "C:\WINDOWS\Downloaded Program Files" >>files.txt
dir "C:\Programme\Common Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Eigene Dateien" >>files.txt
dir "C:\Program Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temporary Internet Files\Content.IE5" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temp" >>files.txt
dir "C:\WINDOWS\Temp" >>files.txt
dir "C:\Temp" >>files.txt
dir "C:\Programme" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten" >>files.txt
dir "C:\Programme\Gemeinsame Dateien" >>files.txt
dir "C:\Windows\tasks" >>files.txt
notepad files.txt

__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
06.12.2006, 16:34
Member

Themenstarter

Beiträge: 15
#5 Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Windows\System32\Com

19.04.2005 16:38 <DIR> .
19.04.2005 16:38 <DIR> ..
03.08.2004 23:57 195.584 comadmin.dll
23.08.2001 14:00 61.440 comempty.dat
23.08.2001 14:00 77.348 comexp.msc
03.08.2004 23:57 9.728 comrepl.exe
23.08.2001 14:00 5.120 comrereg.exe
23.08.2001 14:00 19.456 mtsadmin.tlb
6 Datei(en) 368.676 Bytes
2 Verzeichnis(se), 32.965.373.952 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Windows\system32\config

18.11.2005 19:50 <DIR> .
18.11.2005 19:50 <DIR> ..
06.12.2006 06:58 524.288 AppEvent.Evt
06.12.2006 06:58 262.144 default
23.06.2004 13:51 94.208 default.sav
18.11.2005 19:50 262.144 default_BAK_40495
06.02.2005 20:04 262.144 default_BAK_74324
24.06.2004 06:30 96 netlogon.ftl
06.12.2006 06:58 24.576 SAM
06.02.2005 20:04 262.144 SAM_BAK_25157
18.11.2005 19:50 24.576 SAM_BAK_85747
23.06.2004 12:52 65.536 SecEvent.Evt
06.12.2006 06:58 45.056 SECURITY
06.02.2005 20:04 262.144 SECURITY_BAK_12872
18.11.2005 19:50 45.056 SECURITY_BAK_34206
06.12.2006 06:58 22.544.384 software
23.06.2004 13:51 630.784 software.sav
18.11.2005 19:50 22.020.096 software_BAK_22145
06.02.2005 20:04 21.495.808 software_BAK_44927
06.12.2006 06:58 524.288 SysEvent.Evt
06.12.2006 16:27 3.670.016 system
23.06.2004 13:51 397.312 system.sav
23.06.2004 12:08 <DIR> systemprofile
18.11.2005 19:50 4.718.592 system_BAK_74199
06.02.2005 20:04 3.145.728 system_BAK_83142
23.06.2004 13:51 262.144 userdiff
23 Datei(en) 81.543.264 Bytes
3 Verzeichnis(se), 32.965.369.856 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\WINDOWS\system32

Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\WINDOWS\Downloaded Program Files

24.11.2004 19:05 27.648 axload.dll
15.06.2004 05:13 226 cc.inf
07.11.2006 12:58 1.224.704 ClientAX.dll
22.04.2005 15:08 <DIR> CONFLICT.1
14.10.1997 17:52 697 DirectAnimation Java Classes.osd
16.06.2004 16:03 355.955 ICQVideoControl.dll
08.06.2004 11:26 268 ICQVideoControl.inf
04.07.2004 16:53 398.456 imloader.exe
06.12.2004 14:51 17.600 InstallationsAssistent.ocx
25.08.2003 17:12 1.096 iuctl.inf
20.01.2000 14:25 1.162 Microsoft XML Parser for Java.osd
20.05.2004 13:36 237.568 MISBH.dll
09.05.2004 10:03 194 MISBH.INF
05.11.2003 06:04 228 odyssey_webmoo.inf
22.08.2003 20:10 226 opuc.inf
09.10.2003 09:32 144 QTPlugin.inf
13.04.2001 14:55 7.671 swdir.inf
27.08.2005 13:30 5.065 swflash.inf
03.08.2004 14:51 293 wuweb.inf
18 Datei(en) 2.279.201 Bytes
1 Verzeichnis(se), 32.965.369.856 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Programme\Common Files

06.02.2005 20:32 <DIR> .
06.02.2005 20:32 <DIR> ..
06.11.2004 00:06 <DIR> Microsoft Shared
29.09.2004 18:16 <DIR> SearchUpgrader
29.06.2004 16:03 <DIR> System
0 Datei(en) 0 Bytes
5 Verzeichnis(se), 32.965.369.856 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Dokumente und Einstellungen\Franziska

06.12.2006 16:27 <DIR> .
06.12.2006 16:27 <DIR> ..
23.11.2004 17:25 <DIR> Application Data
06.12.2006 16:29 <DIR> Desktop
23.01.2005 11:31 <DIR> Eigene Dateien
17.08.2006 20:57 <DIR> Favoriten
13.09.2006 10:37 <DIR> Incomplete
06.12.2006 06:58 22.806.528 NTUSER.DAT
18.11.2005 19:50 14.942.208 NTUSER.DAT_BAK_45641
24.04.2006 18:39 <DIR> Startmen
18.11.2005 19:02 95 trace.log
14.10.2004 19:32 <DIR> WINDOWS
3 Datei(en) 37.748.831 Bytes
9 Verzeichnis(se), 32.965.365.760 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Eigene Dateien

23.01.2005 11:31 <DIR> .
23.01.2005 11:31 <DIR> ..
14.05.2006 09:26 <DIR> Eigene Musik
0 Datei(en) 0 Bytes
3 Verzeichnis(se), 32.965.365.760 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Program Files

01.08.2006 21:23 <DIR> .
01.08.2006 21:23 <DIR> ..
01.08.2006 21:23 <DIR> ICQLite
14.01.2006 20:48 <DIR> Samsung
25.11.2005 13:34 <DIR> SpySheriff
0 Datei(en) 0 Bytes
5 Verzeichnis(se), 32.965.365.760 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Lokale Einstellungen\Temporary Internet Files\Content.IE5

06.12.2006 16:27 442.368 index.dat
1 Datei(en) 442.368 Bytes
0 Verzeichnis(se), 32.965.365.760 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Lokale Einstellungen\Temp

06.12.2006 16:27 <DIR> .
06.12.2006 16:27 <DIR> ..
06.12.2006 15:09 16.384 ~DF337D.tmp
06.12.2006 15:09 16.384 ~DF4513.tmp
2 Datei(en) 32.768 Bytes
2 Verzeichnis(se), 32.965.365.760 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\WINDOWS\Temp

06.12.2006 16:27 <DIR> .
06.12.2006 16:27 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 32.965.365.760 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Temp

04.02.2006 11:51 <DIR> .
04.02.2006 11:51 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 32.965.365.760 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Programme

03.12.2006 13:30 <DIR> .
03.12.2006 13:30 <DIR> ..
19.04.2005 15:24 <DIR> Adaware
13.03.2005 15:10 <DIR> Adobe
23.06.2004 14:24 <DIR> Ahead
25.06.2004 06:24 <DIR> AIDA32 - Enterprise System Information
07.02.2005 11:12 <DIR> aida32ee_390
05.10.2006 18:40 <DIR> AVPersonal
08.06.2005 13:42 21 AVPersonalAVWIN.INI
13.09.2006 10:36 <DIR> BearShare
06.12.2006 16:25 <DIR> CleanUp!
06.02.2005 20:32 <DIR> Common Files
23.06.2004 11:59 <DIR> ComPlus Applications
06.02.2005 21:36 <DIR> Corel
07.02.2005 11:15 <DIR> Corel_11
14.01.2006 20:10 <DIR> Creative
06.02.2005 19:37 <DIR> CyberLink
06.02.2005 20:55 <DIR> DATA BECKER
19.07.2004 19:51 <DIR> DivX
31.08.2005 19:48 <DIR> DivXCodec
29.10.2006 18:53 <DIR> ElsterFormular2005
20.02.2006 14:52 <DIR> emagic
17.07.2006 17:57 <DIR> eMule.de
16.09.2005 11:55 2.828.760 fcduninstall.exe
10.03.2006 14:48 <DIR> fotomaxcd
13.09.2006 10:36 <DIR> FrostWire
17.08.2006 19:17 <DIR> Gemeinsame Dateien
18.05.2006 13:15 <DIR> Google
07.02.2005 11:26 <DIR> Grafik-Karte
01.08.2006 21:23 <DIR> ICQLite
29.05.2005 17:49 <DIR> ICQToolbar
14.09.2005 12:43 <DIR> INSTAFINK
07.02.2005 11:26 <DIR> Inst_Office_2003
19.04.2005 16:40 <DIR> Internet Explorer
06.02.2005 21:50 <DIR> IrfanView
06.02.2005 21:49 <DIR> IrfanView 3.91
17.08.2006 19:20 <DIR> Java
14.11.2005 14:23 <DIR> Kazaa
19.06.2006 14:19 <DIR> Kazaa Lite
07.02.2005 11:26 <DIR> MBM5
17.11.2005 22:02 <DIR> Messenger
23.06.2004 12:05 <DIR> microsoft frontpage
09.11.2004 14:04 <DIR> Microsoft Office
23.06.2004 14:12 <DIR> Microsoft Visual Studio
23.06.2004 14:13 <DIR> Microsoft Works
23.06.2004 14:13 <DIR> Microsoft.NET
25.06.2004 06:30 <DIR> Motherboard Monitor 5
19.04.2005 16:40 <DIR> Movie Maker
04.12.2006 16:58 <DIR> Mozilla Firefox
07.02.2005 11:25 <DIR> MR
23.06.2004 11:59 <DIR> MSN
23.06.2004 11:59 <DIR> MSN Gaming Zone
07.02.2005 11:18 <DIR> myMP3_V5
07.02.2005 11:11 <DIR> Nero_Burning
17.11.2005 22:02 <DIR> NetMeeting
17.11.2005 22:02 <DIR> Network Stumbler
09.04.2006 11:16 <DIR> Norton Utilities
08.12.2005 06:56 <DIR> Oberon Media
25.06.2004 06:49 <DIR> OfficeUpdate11
23.06.2004 11:59 <DIR> Online Services
23.06.2004 12:03 <DIR> Online-Dienste
24.06.2004 07:32 <DIR> OO Software
07.02.2005 11:19 <DIR> oodpe_6_0_609_ger
19.04.2005 16:38 <DIR> Outlook Express
24.06.2004 06:28 <DIR> Pinnacle
06.03.2005 20:36 <DIR> Power Tab Software
16.07.2004 15:02 <DIR> QuickTime
14.01.2006 20:43 <DIR> Samsung
08.12.2005 06:52 <DIR> shizmoo
07.03.2005 16:52 <DIR> Skype
29.11.2005 15:19 <DIR> Speed Disk
19.04.2005 15:34 <DIR> Spybot - Search & Destroy
24.06.2004 06:28 <DIR> Steinberg
29.09.2006 14:09 <DIR> Sybex
14.02.2006 20:02 <DIR> Symantec
16.03.2006 20:09 <DIR> T-COM
07.02.2005 11:30 <DIR> T-Sinus 154 data
31.08.2005 19:48 <DIR> The Playa
08.12.2005 07:07 <DIR> TuneUp Utilities 2006
07.02.2005 11:19 <DIR> UltraEdit
12.09.2004 18:00 <DIR> VideoLAN
24.06.2004 06:28 <DIR> VOB
13.11.2006 22:10 <DIR> Winamp
19.04.2005 16:40 <DIR> Windows Media Player
19.04.2005 16:38 <DIR> Windows NT
23.01.2006 14:35 <DIR> WinFixer 2005
07.03.2005 12:52 <DIR> WinZip
23.06.2004 12:05 <DIR> xerox
06.04.2006 20:09 <DIR> Yahoo!
19.04.2005 15:25 <DIR> Zonealarm
2 Datei(en) 2.828.781 Bytes
88 Verzeichnis(se), 32.965.361.664 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Lokale Einstellungen\Anwendungsdaten

13.03.2005 15:19 <DIR> Adobe
16.07.2004 15:01 <DIR> Apple Computer
02.10.2006 13:18 96.256 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
19.04.2005 16:55 101.824 GDIPFONTCACHEV1.DAT
18.05.2006 13:15 <DIR> Google
02.07.2004 16:13 <DIR> Help
19.09.2004 16:57 <DIR> Identities
06.11.2004 10:28 <DIR> IM
23.04.2005 18:14 <DIR> Microsoft
2 Datei(en) 198.080 Bytes
7 Verzeichnis(se), 32.965.357.568 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten

02.12.2006 10:44 <DIR> Adobe
23.11.2005 19:08 <DIR> AdobeAUM
09.02.2006 07:06 <DIR> AdobeUM
01.10.2004 11:45 <DIR> Ahead
16.07.2004 15:01 <DIR> Apple Computer
25.06.2004 15:51 <DIR> Corel
18.01.2006 20:37 <DIR> Creative
06.02.2005 19:41 <DIR> CyberLink
13.09.2004 15:37 <DIR> dvdcss
15.09.2006 11:01 <DIR> FrostWire
18.05.2006 13:15 <DIR> Google
08.12.2005 06:54 <DIR> HbTools
28.11.2005 13:55 <DIR> Help
29.09.2004 19:16 <DIR> ICQ
06.02.2006 20:32 <DIR> ICQLite
24.06.2004 06:37 <DIR> Identities
19.06.2006 14:19 <DIR> Kazaa Lite
19.04.2005 15:24 <DIR> Lavasoft
30.10.2005 15:17 <DIR> Leadertech
03.07.2005 21:13 <DIR> Macromedia
07.10.2005 18:48 <DIR> Mozilla
12.04.2005 18:57 <DIR> MSN6
06.12.2006 15:52 <DIR> Skype
25.06.2004 15:02 <DIR> Steinberg
21.08.2006 12:18 <DIR> Sun
06.02.2005 22:03 <DIR> Symantec
06.02.2005 19:54 <DIR> TuneUp Software
0 Datei(en) 0 Bytes
27 Verzeichnis(se), 32.965.357.568 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten

04.01.2006 21:27 <DIR> Adobe
23.06.2004 14:24 <DIR> Ahead
11.02.2006 13:06 <DIR> AntiVir PersonalEdition Classic
16.07.2004 15:00 <DIR> Apple Computer
14.01.2006 20:10 <DIR> Creative
06.02.2005 19:37 <DIR> CyberLink
12.04.2005 18:57 <DIR> MSN6
25.06.2004 08:11 <DIR> nView_Profiles
17.07.2004 10:46 <DIR> QuickTime
08.01.2006 13:56 <DIR> Skype
26.03.2005 18:04 <DIR> Spybot - Search & Destroy
06.02.2005 21:57 <DIR> Symantec
06.02.2005 19:53 <DIR> TuneUp Software
06.04.2006 20:09 <DIR> Yahoo! Companion
0 Datei(en) 0 Bytes
14 Verzeichnis(se), 32.965.357.568 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Programme\Gemeinsame Dateien

17.08.2006 19:17 <DIR> .
17.08.2006 19:17 <DIR> ..
18.12.2005 21:17 <DIR> Adobe
23.06.2004 14:15 <DIR> Ahead
24.06.2004 07:16 <DIR> Corel
24.06.2004 07:17 <DIR> DESIGNER
23.06.2004 12:01 <DIR> Dienste
14.07.2004 20:31 <DIR> InstallShield
17.08.2006 19:17 <DIR> Java
14.01.2006 20:44 <DIR> Microsoft Shared
23.06.2004 12:01 <DIR> MSSoap
08.11.2004 16:51 <DIR> Oberon Media
23.06.2004 12:53 <DIR> ODBC
23.06.2004 12:53 <DIR> SpeechEngines
18.11.2005 19:11 <DIR> Symantec Shared
19.04.2005 16:38 <DIR> System
30.09.2005 18:03 <DIR> WinSoftware
08.12.2005 07:04 <DIR> Wise Installation Wizard
0 Datei(en) 0 Bytes
18 Verzeichnis(se), 32.965.357.568 Bytes frei
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846

Verzeichnis von C:\Windows\tasks

03.11.2006 17:16 404 1-Klick-Wartung.job
1 Datei(en) 404 Bytes
0 Verzeichnis(se), 32.965.357.568 Bytes frei
Seitenanfang Seitenende
06.12.2006, 17:35
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#6 ««
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als sheriff.reg mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden.
Die Datei "sheriff.reg" auf dem Desktop doppelklicken.+ der Registry beifuegen

Zitat

REGEDIT4

[-HKEY_CURRENT_USER\Software\SpySheriff]

[-HKEY_CURRENT_USER\Software\SNO2]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpySheriff]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"DisableTaskMgr"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoActiveDesktopChanges"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoSaveSettings"=-
"NoViewContextMenu"=-
"NoActiveDesktop"=-
"ForceActiveDesktopOn"=-
"ClassicShell"=-
"NoThemesTab"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=-
"NoComponents"=-
"NoDeletingComponents"=-
"NoEditingComponents"=-
"NoCloseDragDropBands"=-
"NoMovingBands"=-
"NoHTMLWallPaper"=-
"NoChangingWallPaper"=-
______________________________________________________-
»»
Avenger
http://virus-protect.org/artikel/tools/avenger.html
kopiere rein

Zitat

Registry values to delete:
HKLM\software\microsoft\windows\currentversion\run|zango

registry keys to delete:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinMedia32
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zango
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\df_kmd.sys
HKEY_LOCAL_MACHINE\SOFTWARE\WinSoftware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WFX5_is1

Files to delete:
C:\WINDOWS\system32\drivers\df_kmd.sys
c:\windows\system32\df_kme.exe
C:\WINDOWS\Downloaded Program Files\axload.dll
C:\WINDOWS\Downloaded Program Files\cc.inf
C:\WINDOWS\Downloaded Program Files\ClientAX.dll
C:\WINDOWS\Downloaded Program Files\imloader.exe

Folders to delete:
C:\Programme\Gemeinsame Dateien\WinSoftware
C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten\HbTools
C:\Programme\WinFixer 2005
C:\Programme\BearShare
C:\Programme\INSTAFINK
C:\Program Files\SpySheriff
C:\Programme\Common Files\SearchUpgrader
Klicke die grüne Ampel
das Script wird nun ausgeführt, dann wird der PC automatisch neustarten

»»
lösche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb

««
öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten

Zitat

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank

R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)

O1 - Hosts: 69.64.35.177 auto.search.msn.com

O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - (no file)

O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - (no file)

O2 - BHO: (no name) - {6EF2B03F-36B0-47F2-AC9C-B20C9C3A72B3} - (no file)

O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm

O16 - DPF: {00000000-7777-0704-0B53-2C8830E9FAEC} - http://gn.one2bill.de/soft/axload.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab

O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.serviceurl.de/InstallationsAssistent.ocx

Pc neustarten

««
Counterspy anwenden
http://virus-protect.org/counterspy.html
stelle nach dem scan alles auf remove und poste hier den scanreport

_______________________

Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html
und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren)

WinMedia32

in edit und klicke "Ok".
Notepad wird sich öffnen -- kopiere den Text ab und poste ihn.

in: "Enter search strings" (reinschreiben oder reinkopieren)

WinFixer 2005

in edit und klicke "Ok".
Notepad wird sich öffnen -- kopiere den Text ab und poste ihn.

in: "Enter search strings" (reinschreiben oder reinkopieren)

SpySheriff

in edit und klicke "Ok".
Notepad wird sich öffnen -- kopiere den Text ab und poste ihn.
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
06.12.2006, 19:12
Member

Themenstarter

Beiträge: 15
#7 Spyware Scan Details
Start Date: 06.12.2006 18:05:41
End Date: 06.12.2006 19:08:07
Total Time: 1 hrs 2 mins 26 secs

Detected spyware

KaZaA P2P more information...
Details: Kazaa is a Peer to Peer file sharing application that uses some adware advertising as well as installs a number of thrid party adware software on your computer.
Status: Deleted

Infected files detected
c:\programme\kazaa\plugins.htm
c:\programme\kazaa\versions.dat
c:\programme\kazaa\bgp2p\bdupd.dll
c:\programme\kazaa\bgp2p\plugins\ace.xmd
c:\programme\kazaa\bgp2p\plugins\adsntfs.xmd
c:\programme\kazaa\bgp2p\plugins\alz.xmd
c:\programme\kazaa\bgp2p\plugins\arc.xmd
c:\programme\kazaa\bgp2p\plugins\arj.xmd
c:\programme\kazaa\bgp2p\plugins\bach.xmd



Altnet Browser Plug-in more information...
Details: Topsearch is a .dll file that acts as a search engine and runs inside Internet Explorer as a Browser helper Object (BHO). It can supply advertising content to KaZaA users.
Status: Deleted

Infected files detected
c:\dokumente und einstellungen\franziska\startmen?rams\altnet\peer points manager.lnk
C:\Programme\AVPersonal\INFECTED\A0051994.EXE.VIR
C:\Programme\AVPersonal\INFECTED\A0051996.EXE.VIR
C:\Programme\AVPersonal\INFECTED\ASM.EXE.VIR
C:\Programme\AVPersonal\INFECTED\POINTS MANAGER.EXE.VIR

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE AppID {8B0FEF15-54DC-49F5-8377-8172DE975F75}
HKEY_CLASSES_ROOT\appid\{8b0fef15-54dc-49f5-8377-8172de975f75}
HKEY_CLASSES_ROOT\appid\{8b0fef15-54dc-49f5-8377-8172de975f75} Altnet Signing Module
HKEY_CLASSES_ROOT\clsid\{3646c2bd-3554-49ca-8125-44deefb881de}
HKEY_CLASSES_ROOT\clsid\{3646c2bd-3554-49ca-8125-44deefb881de} F586631D-553B-4956-B31E-62D096C26BE4
HKEY_CLASSES_ROOT\clsid\{3f4d4f88-0198-4921-b630-957f3eb814e0}
HKEY_CLASSES_ROOT\clsid\{3f4d4f88-0198-4921-b630-957f3eb814e0} 1928716804
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus\1 131473
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus 0
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ProgID ADM.ADM.1
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ToolboxBitmap32 C:\PROGRA~2\Altnet\DOWNLO~1\adm4005.exe, 101
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\Version 1.0
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\VersionIndependentProgID ADM.ADM
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} ADM Class
HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} AppID {99A8E2B2-3405-4C0D-9110-131C14CAAF62}
HKEY_LOCAL_MACHINE\software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75}
HKEY_LOCAL_MACHINE\software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75} Altnet Signing Module
HKEY_LOCAL_MACHINE\software\classes\appid\{99a8e2b2-3405-4c0d-9110-131c14caaf62}
HKEY_LOCAL_MACHINE\software\classes\appid\{99a8e2b2-3405-4c0d-9110-131c14caaf62} adm
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus\1 131473
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus 0
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ProgID ADM.ADM.1
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ToolboxBitmap32 C:\PROGRA~2\Altnet\DOWNLO~1\adm4005.exe, 101
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\Version 1.0
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\VersionIndependentProgID ADM.ADM
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} ADM Class
HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} AppID {99A8E2B2-3405-4C0D-9110-131C14CAAF62}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\ProgID SigningModule.SigningModule.1
HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\VersionIndependentProgID SigningModule.SigningModule
HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} SigningModule Class
HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} AppID {8B0FEF15-54DC-49F5-8377-8172DE975F75}
HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}
HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\ProgID SigningModule.SigningModule.1
HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\VersionIndependentProgID SigningModule.SigningModule
HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} SigningModule Class
HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} AppID {8B0FEF15-54DC-49F5-8377-8172DE975F75}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM.1\CLSID {C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM.1 ADM Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\adm.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\adm.EXE AppID {99A8E2B2-3405-4C0D-9110-131C14CAAF62}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM\CLSID {C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM\CurVer ADM.ADM.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM ADM Class
HKEY_CLASSES_ROOT\SigningModule.SigningModule
HKEY_CLASSES_ROOT\SigningModule.SigningModule\CLSID {9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}
HKEY_CLASSES_ROOT\SigningModule.SigningModule\CurVer SigningModule.SigningModule.1
HKEY_CLASSES_ROOT\SigningModule.SigningModule SigningModule Class
HKEY_CLASSES_ROOT\SigningModule.SigningModule.1
HKEY_CLASSES_ROOT\SigningModule.SigningModule.1\CLSID {9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8}
HKEY_CLASSES_ROOT\SigningModule.SigningModule.1 SigningModule Class


Twain Tech Adware more information...
Details: Twain-Tech is an adware based Internet Explorer browser helper object that deliver targeted ads based on a user?s browsing patters. Twain-Tech does not provide any other relevant purpose other then to display pop-up ads.
Status: Deleted

Infected files detected
c:\windows\smdat32m.sys


Buschtrommel 1.2 Trojan more information...
Details: Features: Edit server, 6 Autostart methods, Backup, Screenshot, Port Redirect and scripting.
Status: Deleted

Infected files detected
c:\windows\server.exe


Trojan.Desktophijack Trojan more information...
Details: Trojan.Desktophijack modifies the home page and desktop settings on a compromised computer.
Status: Deleted

Infected files detected
c:\windows\desktop.html


StarDialer Dialer more information...
Details: An ActiveX installer control for premium-rate phone diallers, usually German.
Status: Deleted

Infected files detected
C:\Dokumente und Einstellungen\Franziska\Desktop\Wartung\Neuer Ordner\hijackthis_199\backups\backup-20061206-175339-814.dll


gator Adware more information...
Details: Display pop up ads
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\00001669.EXE.VIR
C:\Programme\AVPersonal\INFECTED\00002281.EXE.VIR
C:\Programme\AVPersonal\INFECTED\00017789.EXE.VIR
C:\Programme\AVPersonal\INFECTED\00019285.EXE.VIR
C:\Programme\AVPersonal\INFECTED\00020446.EXE.VIR
C:\Programme\AVPersonal\INFECTED\00068947.EXE.VIR
C:\Programme\AVPersonal\INFECTED\00094075.EXE.VIR

Infected registry entries detected
HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f}
HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f}\ProgID HbtToolbar.HbtHtmlMenuUI.1
HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f}\VersionIndependentProgID HbtToolbar.HbtHtmlMenuUI
HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f} HbtHtmlMenuUI
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19}\ProgID RprtsPSClient.PSExecuter.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19}\VersionIndependentProgID RprtsPSClient.PSExecuter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} RprtsPSExecuter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\ProgID ShprRprts.HbAx.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\ToolboxBitmap32 C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll, 102
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\VersionIndependentProgID ShprRprts.HbAx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} HbAx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}\ProgID ShprRprts.HbInfoBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}\VersionIndependentProgID ShprRprts.HbInfoBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} ShopperReports ? Price Comparison
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{354382DB-DF55-4DA9-85A3-41696A0F510F}\ProgID HbtToolbar.HbtHtmlMenuUI.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{354382DB-DF55-4DA9-85A3-41696A0F510F}\VersionIndependentProgID HbtToolbar.HbtHtmlMenuUI
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{354382DB-DF55-4DA9-85A3-41696A0F510F} HbtHtmlMenuUI
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0}\ProgID ShprRprts.IEButtonA.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0}\VersionIndependentProgID ShprRprts.IEButtonA
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} IEButtonA
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}\ProgID ShprRprts.IEButton.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}\VersionIndependentProgID ShprRprts.IEButton
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} IEButton
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} Default Visible Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} ButtonText ShopperReports - Compare product prices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} HotIcon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,204
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} Icon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,203
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} ClsidExtension {580a1f3f-89b4-433b-bbdb-b97aeb13f3fc}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}\ProgID ShprRprts.HbCommBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}\Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}\VersionIndependentProgID ShprRprts.HbCommBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} ShopperReports ? Price Comparison
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395} IHbIEPane
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159} IRegisterableObject
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324} IBrwsAdapter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} Default Visible Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} ButtonText ShopperReports - Compare travel rates
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} HotIcon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,202
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} Icon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,201
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} ClsidExtension {454b4812-e572-4703-a1bb-63490809eac0}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} ShopperReports ? Price Comparison
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1\CLSID {0774F696-D801-4C18-81A7-A3A32B8BEF19}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 RprtsPSExecuter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID {0774F696-D801-4C18-81A7-A3A32B8BEF19}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer RprtsPSClient.PSExecuter.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter RprtsPSExecuter
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx.1\CLSID {1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx.1 HbAx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx\CLSID {1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx\CurVer ShprRprts.HbAx.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx HbAx
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand.1\CLSID {A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand.1 ShopperReports ? Price Comparison
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand\CLSID {A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand\CurVer ShprRprts.HbCommBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand ShopperReports ? Price Comparison
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand.1\CLSID {2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 ShopperReports ? Price Comparison
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID {2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer ShprRprts.HbInfoBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand ShopperReports ? Price Comparison
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton.1\CLSID {580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton.1 IEButton
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton\CLSID {580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton\CurVer ShprRprts.IEButton.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton IEButton
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA.1\CLSID {454B4812-E572-4703-A1BB-63490809EAC0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA.1 IEButtonA
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID {454B4812-E572-4703-A1BB-63490809EAC0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer ShprRprts.IEButtonA.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA IEButtonA
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1\CLSID {2A8A997F-BB9F-48F6-AA2B-2762D50F9289}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 ShprRprts
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID {2A8A997F-BB9F-48F6-AA2B-2762D50F9289}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer ShprRprts.SmrtShprCtl.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl ShprRprts
HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F}
HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F}\ProgID HbtToolbar.HbtHtmlMenuUI.1
HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F}\VersionIndependentProgID HbtToolbar.HbtHtmlMenuUI
HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F} HbtHtmlMenuUI


InstaFinder Browser Hijacker more information...
Details: InstaFinder is an Internet Explorer Browser Helper search hijacker.
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\A0049649.EXE.VIR
C:\Programme\AVPersonal\INFECTED\A0051993.DLL.VIR
C:\Programme\AVPersonal\INFECTED\INSTAFINDERK_INST.EXE.001
C:\Programme\AVPersonal\INFECTED\INSTAFINDERK_INST.EXE.VIR
C:\Programme\AVPersonal\INFECTED\INSTAFINK.DLL.VIR


My Way Speedbar Browser Plug-in more information...
Details: MyWay Speedbar is a search toolbar that installs into Internet Explorer and Netscape Navigator, adding search functions and popup blocking.
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\A0051991.DLL.VIR
C:\Programme\AVPersonal\INFECTED\A0052065.DLL.VIR
C:\Programme\AVPersonal\INFECTED\MY2NS.EXE.VIR
C:\Programme\AVPersonal\INFECTED\MYBAR.DLL.VIR
C:\Programme\AVPersonal\INFECTED\NPMYWAY.DLL.VIR

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\MiscStatus\1 131473
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\MiscStatus 0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC} myBar Installer2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC}\ProgID MyWayToolBar.NetscapeStartup.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC}\VersionIndependentProgID
Cydoor Adware more information...
Details: Cydoor is an adware program that downloads advertisements from a server and displays them on your computer.
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\CD_CLINT.DLL.VIR


Claria.GAIN Adware more information...
Details: Claria's GAIN network consists of several applications inlcuding Gator eWallet, GotSmiley, ScreenSeenes, WebSecureAlert, DashBar, Weatherscope, Date Manager and Precision Time.
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\GATORRES.DLL.VIR
C:\Programme\AVPersonal\INFECTED\GMT.EXE.VIR


EUniverse Updater Browser Hijacker more information...
Details: EUniverse is an adware program that runs at startup, generates popup ads, and performs a number of spyware related functions such as transmitting personal information and hijacking Internet Explorer.
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\RVUPDMGR.EXE.001
C:\Programme\AVPersonal\INFECTED\RVUPDMGR.EXE.VIR


SysWebTelecomInt Dialer more information...
Details: Porn dialer for www.sponsoradulto.com.
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\SYSWEBTELECOMINT.DLL.VIR


KeenValue PerfectNav Browser Hijacker more information...
Details: The PerfectNav Internet Explorer spyware software is designed to redirect your URL typing errors to PerfectNav's web page.
Status: Deleted

Infected files detected
C:\Programme\AVPersonal\INFECTED\UPDMGR.EXE.VIR

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\HomePage
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\HomePage DefaultIEHomePage http://www.perfectnav.com/
HKEY_LOCAL_MACHINE\software\perfectnav
HKEY_LOCAL_MACHINE\software\perfectnav\BHO\HomePage DefaultIEHomePage http://www.perfectnav.com/
HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS 404 http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=404&Keywords=
HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS DNSNotFound http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=DNS&Keywords=
HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS URLTranslation http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&Keywords=
HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS 4 ivwt;12wjvhjjpgis0yiskvmhp1gpo2pqeBysn@
HKEY_LOCAL_MACHINE\software\perfectnav\BHO INSTALLGUID 5805619B-F424-4EC6-AC25-21B1C6469003
HKEY_LOCAL_MACHINE\software\perfectnav UID 5D850852-6F3E-4FCE-9E38-415A7DF65B85
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 404 http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=404&Keywords=
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS DNSNotFound http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=DNS&Keywords=
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS URLTranslation http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&Keywords=
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 4 ivwt;12wjvhjjpgis0yiskvmhp1gpo2pqeBysn@
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\HomePage DefaultIEHomePage http://www.perfectnav.com/
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 404 http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=404&Keywords=
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS DNSNotFound http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=DNS&Keywords=
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS URLTranslation http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&Keywords=
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 4 ivwt;12wjvhjjpgis0yiskvmhp1gpo2pqeBysn@
HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO INSTALLGUID 5805619B-F424-4EC6-AC25-21B1C6469003


BearShare P2P more information...
Details: BearShare is a file sharing network. The free version installs a number of known spyware and adware programs.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\ProgID RunMSC.Loader.1
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\VersionIndependentProgID RunMSC.Loader
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} Loader Class


Zango Search Assistant Adware more information...
Details: Zango Search Assistant opens new browser windows showing websites based on the previous websites you visit.
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\Software\zango
HKEY_CURRENT_USER\Software\zango last_conn_h 29796802
HKEY_CURRENT_USER\Software\zango last_conn_l 375411904
HKEY_CURRENT_USER\Software\zango we 2
Seitenanfang Seitenende
06.12.2006, 19:13
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#8 +poste nun den rest-------------------
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
06.12.2006, 19:15
Member

Themenstarter

Beiträge: 15
#9 Du wolltest das ja so, oder..?
REGEDIT4

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0

; Results at 06.12.2006 19:15:45 for strings:
; 'winmedia32'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


; End Of The Log...
Seitenanfang Seitenende
06.12.2006, 19:17
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#10 counterpsy-Log war komplett ?? oder fehlt noch was ?

poste das neue log vom HijackThis
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
06.12.2006, 19:18
Member

Themenstarter

Beiträge: 15
#11 REGEDIT4

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0

; Results at 06.12.2006 19:18:07 for strings:
; 'winfixer 2005'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WFX5U_is1]
"Inno Setup: App Path"="C:\\Programme\\WinFixer 2005"
"InstallLocation"="C:\\Programme\\WinFixer 2005\\"
"Inno Setup: Icon Group"="WinFixer 2005"
"DisplayName"="WinFixer 2005 1.1.29.3"
"UninstallString"="\"C:\\Programme\\WinFixer 2005\\unins000.exe\""
"QuietUninstallString"="\"C:\\Programme\\WinFixer 2005\\unins000.exe\" /SILENT"

[HKEY_USERS\S-1-5-21-1482476501-1202660629-854245398-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\WinFixer 2005]

; End Of The Log...

REGEDIT4

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0

; Results at 06.12.2006 19:20:38 for strings:
; 'spysheriff'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


; End Of The Log...
Dieser Beitrag wurde am 06.12.2006 um 19:22 Uhr von dj_orgie editiert.
Seitenanfang Seitenende
06.12.2006, 19:22
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#12 1.
Avenger

Zitat

registry keys to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WFX5U_is1
2.
Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html
und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren)

df_kmd.sys

in edit und klicke "Ok".
Notepad wird sich öffnen -- kopiere den Text ab und poste ihn.
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
06.12.2006, 19:24
Member

Themenstarter

Beiträge: 15
#13 der rest:
HKEY_CURRENT_USER\Software\zango geourl_current_version 12
HKEY_CURRENT_USER\Software\zango geourl_last_full_version 12
HKEY_CURRENT_USER\Software\zango actionurl_current_version 637
HKEY_CURRENT_USER\Software\zango actionurl_last_full_version 627
HKEY_CURRENT_USER\Software\zango keyword_current_version 1049
HKEY_CURRENT_USER\Software\zango keyword_last_full_version 1017
HKEY_CURRENT_USER\Software\zango recent_shown
HKEY_CURRENT_USER\Software\zango key_int_high 29823681
HKEY_CURRENT_USER\Software\zango key_int_low -1903067376
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus\1 132497
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus 0
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ProgID ClientAX.RequiredComponent.1
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA}
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Version 1.0
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\VersionIndependentProgID ClientAX.RequiredComponent
HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} RequiredComponent Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll
HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}
HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll
HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\FLAGS 0
HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\
HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0 ClientAX 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll
HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\
HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 ClientAX 1.0 Type Library
HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}
HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} IRequiredComponent
HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}
HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} IRequiredComponent
HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}
HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad} IClientInstaller
HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}
HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} IClientInstaller
HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}
HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} IRequiredComponent
HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9} IClientInstaller2
HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}
HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9} IClientInstaller2


misc.winsoftware.winfixer Misc more information...
Details: Typically part of a bundle attack, WinFixer is a disabled, data repair utility that nags the user to purchase.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 ThreadingModel Both
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46} AppID {287A2BAD-6590-4EFF-9BBC-494385664A73}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB} AppID {25A3C995-10C8-474B-A167-99460AB4AB2B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{538BC8F3-2E1E-4D2D-A261-158DF6E9B407}\InprocServer32 ThreadingModel free
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84C43108-013C-4513-8578-F50080B9C9D0}\InprocServer32 ThreadingModel free
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\InprocServer32 ThreadingModel Both
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} AppID {E8928E69-C050-42A9-8884-94DE85E888A2}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 ThreadingModel Both
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 ThreadingModel Both
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd DisplayName df_kmd
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd ImagePath \??\C:\WINDOWS\System32\drivers\df_kmd.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd ErrorControl 1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd Start 1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd Type 1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd\Enum NextInstance 1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd\Enum Count 1
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd\Enum 0 Root\LEGACY_DF_KMD\0000
HKEY_CURRENT_USER\Software\WinSoftware
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_HIGH 33
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_LOW -2028888064
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_LOW -718020784
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_HIGH 29748353
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ScanFOF D:\Dokumente und Einstellungen\Franziska\Eigene Dateien
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings InstallDate 503908309
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings SaveRepairedFilesToPath C:\Programme\WinFixer 2005\Repaired
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings OverwriteAndBackupFilesToPath C:\Programme\WinFixer 2005\Backup
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings FirstRun 0
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_HIGH 29748337
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_LOW 296423248
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastScanErrorCount 1855
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TotalErrorCount 37896
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastStoredFile ...\Childrens - Cedarmont Kids - Action Bible Songs - This Little Light Of Mine (1).mp3
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings StoredFilesNum 2212
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ShowLastScanDlg 0
HKEY_CLASSES_ROOT\AppID\{25A3C995-10C8-474B-A167-99460AB4AB2B}
HKEY_CLASSES_ROOT\AppID\{25A3C995-10C8-474B-A167-99460AB4AB2B} MMFixCtrl
HKEY_CLASSES_ROOT\AppID\{287A2BAD-6590-4EFF-9BBC-494385664A73}
HKEY_CLASSES_ROOT\AppID\{287A2BAD-6590-4EFF-9BBC-494385664A73} FixCore
HKEY_CLASSES_ROOT\AppID\{290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\AppID\{290B5B73-4963-4BA1-9D2D-07CB566CB7FA} CompCleanCore
HKEY_CLASSES_ROOT\AppID\{8C65AEF6-E413-4314-815B-82717A3F1603}
HKEY_CLASSES_ROOT\AppID\{8C65AEF6-E413-4314-815B-82717A3F1603} CheckProduct2
HKEY_CLASSES_ROOT\AppID\{E8928E69-C050-42A9-8884-94DE85E888A2}
HKEY_CLASSES_ROOT\AppID\{E8928E69-C050-42A9-8884-94DE85E888A2} FFWraper
HKEY_CLASSES_ROOT\AppID\CheckProduct2.DLL
HKEY_CLASSES_ROOT\AppID\CheckProduct2.DLL AppID {8C65AEF6-E413-4314-815B-82717A3F1603}
HKEY_CLASSES_ROOT\AppID\compcln.dll
HKEY_CLASSES_ROOT\AppID\compcln.dll AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\AppID\FFWraper.DLL
HKEY_CLASSES_ROOT\AppID\FFWraper.DLL AppID {E8928E69-C050-42A9-8884-94DE85E888A2}
HKEY_CLASSES_ROOT\AppID\FixCore.DLL
HKEY_CLASSES_ROOT\AppID\FixCore.DLL AppID {287A2BAD-6590-4EFF-9BBC-494385664A73}
HKEY_CLASSES_ROOT\AppID\MMFixCtrl.DLL
HKEY_CLASSES_ROOT\AppID\MMFixCtrl.DLL AppID {25A3C995-10C8-474B-A167-99460AB4AB2B}
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B}
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CurVer CheckProduct2.CheckProduct.1
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct CheckProduct Class
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B}
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1 CheckProduct Class
HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306}
HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 C:\Programme\WinFixer 2005\MMFix.dll
HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306} PSFactoryBuffer
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 C:\Programme\WinFixer 2005\FixCore.dll
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\ProgID FixCore.MMFixCore.1
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\TypeLib {FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\VersionIndependentProgID FixCore.MMFixCore
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46} MMFixCore Class
HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46} AppID {287A2BAD-6590-4EFF-9BBC-494385664A73}
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\ProgID CompCleanCore.SystemCleaner.1
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\VersionIndependentProgID CompCleanCore.SystemCleaner
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD} SystemCleaner Class
HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 C:\Programme\WinFixer 2005\MMFix.dll
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus\1 132497
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus 0
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\ProgID MMFixCtrl.CoFixEngine.1
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\ToolboxBitmap32 C:\Programme\WinFixer 2005\MMFix.dll, 103
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1}
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\Version 1.0
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\VersionIndependentProgID MMFixCtrl.CoFixEngine
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB} CoFixEngine Class
HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB} AppID {25A3C995-10C8-474B-A167-99460AB4AB2B}
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\ProgID CompCleanCore.CCQuickScan.1
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\VersionIndependentProgID CompCleanCore.CCQuickScan
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} CCQuickScan Class
HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\ProgID CompCleanCore.RegCleaner.1
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\VersionIndependentProgID CompCleanCore.RegCleaner
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} RegCleaner Class
HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\ProgID CompCleanCore.AppCleaner.1
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\VersionIndependentProgID CompCleanCore.AppCleaner
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppCleaner Class
HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}
HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\InprocServer32 C:\PROGRA~1\WINFIX~1\ffCom.dll
HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\InprocServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\ProgID FFCom.FlFixer
HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\TypeLib {AD70AC89-F460-4E7E-B5A5-7EAF7E207736}
HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\Version 1.0
HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238} FlFixer Object
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 C:\Programme\WinFixer 2005\FFWraper.dll
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus\1 131473
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus 0
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ProgID FFWraper.FFEnginWraper.1
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ToolboxBitmap32 C:\Programme\WinFixer 2005\FFWraper.dll, 103
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\Version 1.0
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\VersionIndependentProgID FFWraper.FFEnginWraper
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} FFEnginWraper Class
HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} AppID {E8928E69-C050-42A9-8884-94DE85E888A2}
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\ProgID CompCleanCore.InetCleaner.1
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\VersionIndependentProgID CompCleanCore.InetCleaner
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860} InetCleaner Class
HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\ProgID CompCleanCore.FileCleaner.1
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\VersionIndependentProgID CompCleanCore.FileCleaner
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} FileCleaner Class
HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 C:\Programme\Gemeinsame Dateien\WinSoftware\PCheck.dll
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\ProgID CheckProduct2.CheckProduct.1
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\TypeLib {30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\VersionIndependentProgID CheckProduct2.CheckProduct
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B} CheckProduct Class
HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B} AppID {8C65AEF6-E413-4314-815B-82717A3F1603}
HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}
HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 C:\Programme\WinFixer 2005\FixCore.dll
HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} PSFactoryBuffer
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9}
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CurVer CompCleanCore.AppCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner AppCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9}
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1 AppCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CLSID {53ABACCB-434C-4756-A02B-8C2A3F29FB7D}
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CurVer CompCleanCore.CCQuickScan.1
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan CCQuickScan Class
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan.1
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan.1\CLSID {53ABACCB-434C-4756-A02B-8C2A3F29FB7D}
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan.1 CCQuickScan Class
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA}
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CurVer CompCleanCore.FileCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner FileCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA}
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1 FileCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CLSID {B5E427F9-AB38-4348-9076-86870C2BE860}
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CurVer CompCleanCore.InetCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner InetCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner.1\CLSID {B5E427F9-AB38-4348-9076-86870C2BE860}
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner.1 InetCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner
HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner\CLSID {66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}
HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner\CurVer CompCleanCore.RegCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner RegCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner.1\CLSID {66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}
HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner.1 RegCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner
HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner\CLSID {38EDB9E2-D7C4-4575-8905-FE65414FFEAD}
HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner\CurVer CompCleanCore.SystemCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner SystemCleaner Class
HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner.1\CLSID {38EDB9E2-D7C4-4575-8905-FE65414FFEAD}
HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner.1 SystemCleaner Class
HKEY_CLASSES_ROOT\FFCom.FlFixer
HKEY_CLASSES_ROOT\FFCom.FlFixer\Clsid {AA69BBFC-1D28-4960-8061-93C1BB156238}
HKEY_CLASSES_ROOT\FFCom.FlFixer FlFixer Object
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C}
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CurVer FFWraper.FFEnginWraper.1
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper FFEnginWraper Class
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C}
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1 FFEnginWraper Class
HKEY_CLASSES_ROOT\FixCore.MMFixCore
HKEY_CLASSES_ROOT\FixCore.MMFixCore\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46}
HKEY_CLASSES_ROOT\FixCore.MMFixCore\CurVer FixCore.MMFixCore.1
HKEY_CLASSES_ROOT\FixCore.MMFixCore MMFixCore Class
HKEY_CLASSES_ROOT\FixCore.MMFixCore.1
HKEY_CLASSES_ROOT\FixCore.MMFixCore.1\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46}
HKEY_CLASSES_ROOT\FixCore.MMFixCore.1 MMFixCore Class
HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}
HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\NumMethods 21
HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\ProxyStubClsid32 {08C71FB1-1E66-4D22-9F32-4C045A451306}
HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1}
HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306} IFixEngine
HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}
HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\NumMethods 12
HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900} IRegCleaner
HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}
HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\TypeLib {B6625280-8CD8-4632-97C0-83CEC12A49A3}
HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020} IDriverManipulate
HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}
HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\TypeLib {B6625280-8CD8-4632-97C0-83CEC12A49A3}
HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284} IReadWrite
HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}
HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1}
HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61} _IFixEngineEvents
HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}
HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\NumMethods 21
HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\ProxyStubClsid32 {08C71FB1-1E66-4D22-9F32-4C045A451306}
HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1}
HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B} IFileTitleDB
HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}
HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\NumMethods 12
HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398} ISystemCleaner
HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}
HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\TypeLib {30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}
HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA} ICheckProduct
HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}
HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC} _ICompCleanCoreEvents
HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}
HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\NumMethods 12
HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F} IAppCleaner
HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}
HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\TypeLib {AD70AC89-F460-4E7E-B5A5-7EAF7E207736}
HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F} IFlFixerEvents
HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}
HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\TypeLib {0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}
HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C} _IDriveFixerEvents
HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}
HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\NumMethods 10
HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922} IQScan2
HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}
HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\NumMethods 16
HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\ProxyStubClsid32 {CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}
HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\TypeLib {FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}
HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} IMMFixCore
HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}
HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\NumMethods 9
HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70} IQScan
HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}
HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}
HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C} IFFEnginWraper
HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809}
HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809}\NumMethods 5
HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809} IAbortChecker
HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}
HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\NumMethods 12
HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100} IInetCleaner
HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}
HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\TypeLib {0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}
HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7} IDriveFixer
HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\NumMethods 15
HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} IFileCleaner
HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}
HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\TypeLib {AD70AC89-F460-4E7E-B5A5-7EAF7E207736}
HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A} IFlFixer
HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}
HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}
HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB} _IFFEnginWraperEvents
HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine
HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine\CLSID {48349992-1402-4C67-B45B-2E619E641FDB}
HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine\CurVer MMFixCtrl.CoFixEngine.1
HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine CoFixEngine Class
HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine.1
HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine.1\CLSID {48349992-1402-4C67-B45B-2E619E641FDB}
HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine.1 CoFixEngine Class
HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}
HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0\0\win32 C:\Programme\WinFixer 2005\df_fixer.dll
HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0\HELPDIR C:\Programme\WinFixer 2005\
HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0 df_fixer 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}
HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0\0\win32 C:\Programme\Gemeinsame Dateien\WinSoftware\PCheck.dll
HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0\HELPDIR C:\Programme\Gemeinsame Dateien\WinSoftware\
HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0 CheckProduct2 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}
HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0\0\win32 C:\Programme\WinFixer 2005\FFWraper.dll
HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0\HELPDIR C:\Programme\WinFixer 2005\
HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0 FFWraper 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}
HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0\0\win32 C:\Programme\WinFixer 2005\MMFix.dll
HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0\HELPDIR C:\Programme\WinFixer 2005\
HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0 MMFixCtrl 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}
HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0\0\win32 C:\Programme\WinFixer 2005\ffCom.dll
HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0\HELPDIR C:\Programme\WinFixer 2005\
HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0 FFCom Library
HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}
HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0\0\win32 C:\Programme\WinFixer 2005\df_proxy.dll
HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0\HELPDIR C:\Programme\WinFixer 2005\
HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0 df_proxy 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0\0\win32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0\HELPDIR C:\Programme\WinFixer 2005\
HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0 WinSoftware Computer Cleaner core 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}
HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0\0\win32 C:\Programme\WinFixer 2005\FixCore.dll
HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0\HELPDIR C:\Programme\WinFixer 2005\
HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0 FixCore 1.0 Type Library
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\df_kmd.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\df_kmd.sys Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\df_kmd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\df_kmd.sys Driver
HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} PSFactoryBuffer


PWS-Banker Password Stealer more information...
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78364D99-A640-4ddf-B91A-67EFF8373045}


Winfixer Potentially Unwanted Software more information...
Details: Winfixer is known to be installed through inappropriate bundling and without users consent. It is a software that scans the users system for damaged files and attempts to fix it if the user pays a fee.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CLSID {B5E427F9-AB38-4348-9076-86870C2BE860}
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CurVer CompCleanCore.InetCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner InetCleaner Class
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\ProgID CompCleanCore.InetCleaner.1
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\VersionIndependentProgID CompCleanCore.InetCleaner
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860} InetCleaner Class
HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CLSID {53ABACCB-434C-4756-A02B-8C2A3F29FB7D}
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CurVer CompCleanCore.CCQuickScan.1
HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan CCQuickScan Class
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 C:\Programme\WinFixer 2005\MMFix.dll
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus\1 132497
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus 0
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\ProgID MMFixCtrl.CoFixEngine.1
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\ToolboxBitmap32 C:\Programme\WinFixer 2005\MMFix.dll, 103
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1}
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\Version 1.0
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\VersionIndependentProgID MMFixCtrl.CoFixEngine
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB} CoFixEngine Class
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB} AppID {25A3C995-10C8-474B-A167-99460AB4AB2B}
HKEY_CLASSES_ROOT\df_fixer.Fixer.1
HKEY_CLASSES_ROOT\df_fixer.Fixer.1\CLSID {538BC8F3-2E1E-4D2D-A261-158DF6E9B407}
HKEY_CLASSES_ROOT\df_fixer.Fixer.1 CFixer Object
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B}
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CurVer CheckProduct2.CheckProduct.1
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct CheckProduct Class
HKEY_CLASSES_ROOT\FixCore.MMFixCore.1
HKEY_CLASSES_ROOT\FixCore.MMFixCore.1\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46}
HKEY_CLASSES_ROOT\FixCore.MMFixCore.1 MMFixCore Class
HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}
HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 C:\Programme\WinFixer 2005\FixCore.dll
HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} PSFactoryBuffer
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9}
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1 AppCleaner Class
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\ProgID CompCleanCore.CCQuickScan.1
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\VersionIndependentProgID CompCleanCore.CCQuickScan
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} CCQuickScan Class
HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Security Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum 0 Root\LEGACY_DF_KMD\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum Count 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum NextInstance 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum INITSTARTFAILED 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd Type 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd Start 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd ErrorControl 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd ImagePath \??\C:\WINDOWS\system32\drivers\df_kmd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd DisplayName df_kmd
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C}
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1 FFEnginWraper Class
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 C:\Programme\WinFixer 2005\FixCore.dll
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\ProgID FixCore.MMFixCore.1
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\TypeLib {FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\VersionIndependentProgID FixCore.MMFixCore
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46} MMFixCore Class
HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46} AppID {287A2BAD-6590-4EFF-9BBC-494385664A73}
HKEY_CLASSES_ROOT\df_proxy.DriverManipulate.1
HKEY_CLASSES_ROOT\df_proxy.DriverManipulate.1\CLSID {84C43108-013C-4513-8578-F50080B9C9D0}
HKEY_CLASSES_ROOT\df_proxy.DriverManipulate.1 CDriverManipulate Object
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA}
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CurVer CompCleanCore.FileCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner FileCleaner Class
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B}
HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1 CheckProduct Class
HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306}
HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 C:\Programme\WinFixer 2005\MMFix.dll
HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306} PSFactoryBuffer
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\ProgID CompCleanCore.FileCleaner.1
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\VersionIndependentProgID CompCleanCore.FileCleaner
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} FileCleaner Class
HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9}
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CurVer CompCleanCore.AppCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner AppCleaner Class
HKEY_CURRENT_USER\Software\WinSoftware
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_HIGH 33
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_LOW -2028888064
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_LOW -718020784
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_HIGH 29748353
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ScanFOF D:\Dokumente und Einstellungen\Franziska\Eigene Dateien
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings InstallDate 503908309
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings SaveRepairedFilesToPath C:\Programme\WinFixer 2005\Repaired
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings OverwriteAndBackupFilesToPath C:\Programme\WinFixer 2005\Backup
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings FirstRun 0
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_HIGH 29748337
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_LOW 296423248
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastScanErrorCount 1855
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TotalErrorCount 37896
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastStoredFile ...\Childrens - Cedarmont Kids - Action Bible Songs - This Little Light Of Mine (1).mp3
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings StoredFilesNum 2212
HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ShowLastScanDlg 0
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\ProgID CompCleanCore.AppCleaner.1
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\VersionIndependentProgID CompCleanCore.AppCleaner
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppCleaner Class
HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 C:\Programme\WinFixer 2005\FFWraper.dll
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus\1 131473
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus 0
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ProgID FFWraper.FFEnginWraper.1
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ToolboxBitmap32 C:\Programme\WinFixer 2005\FFWraper.dll, 103
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\Version 1.0
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\VersionIndependentProgID FFWraper.FFEnginWraper
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} FFEnginWraper Class
HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} AppID {E8928E69-C050-42A9-8884-94DE85E888A2}
HKEY_CLASSES_ROOT\df_proxy.DriverManipulate
HKEY_CLASSES_ROOT\df_proxy.DriverManipulate\CLSID {84C43108-013C-4513-8578-F50080B9C9D0}
HKEY_CLASSES_ROOT\df_proxy.DriverManipulate\CurVer df_proxy.DriverManipulate.1
HKEY_CLASSES_ROOT\df_proxy.DriverManipulate CDriverManipulate Object
HKEY_CLASSES_ROOT\df_fixer.Fixer
HKEY_CLASSES_ROOT\df_fixer.Fixer\CLSID {538BC8F3-2E1E-4D2D-A261-158DF6E9B407}
HKEY_CLASSES_ROOT\df_fixer.Fixer\CurVer df_fixer.Fixer.1
HKEY_CLASSES_ROOT\df_fixer.Fixer CFixer Object
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\ProgID CompCleanCore.RegCleaner.1
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278}
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\VersionIndependentProgID CompCleanCore.RegCleaner
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} RegCleaner Class
HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA}
HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}
HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 C:\Programme\WinFixer 2005\compcln.dll
HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} PSFactoryBuffer
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA}
HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1 FileCleaner Class
HKEY_CLASSES_ROOT\FixCore.MMFixCore
HKEY_CLASSES_ROOT\FixCore.MMFixCore\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46}
HKEY_CLASSES_ROOT\FixCore.MMFixCore\CurVer FixCore.MMFixCore.1
HKEY_CLASSES_ROOT\FixCore.MMFixCore MMFixCore Class
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C}
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CurVer FFWraper.FFEnginWraper.1
HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper FFEnginWraper Class
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 C:\Programme\Gemeinsame Dateien\WinSoftware\PCheck.dll
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\ProgID CheckProduct2.CheckProduct.1
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\TypeLib {30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\VersionIndependentProgID CheckProduct2.CheckProduct
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B} CheckProduct Class
HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B} AppID {8C65AEF6-E413-4314-815B-82717A3F1603}
HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0}
HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0}\InprocServer32 C:\Programme\WinFixer 2005\df_proxy.dll
HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0}\InprocServer32 ThreadingModel free
HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0}\ProgID df_proxy.
Seitenanfang Seitenende
06.12.2006, 19:25
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#14 gut, das wollte ich sehen ;)
arbeite dennoch das obrige ab
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
06.12.2006, 19:30
Member

Themenstarter

Beiträge: 15
#15 Also mal wieder vielen Dank! Ich hab jetzt noch einen Termin, werde aber morgen früh wieder da sein... Der Bildschirm ist wieder normal und das war mal die Hauptsache! Hier noch den Report vom Regsearch:

REGEDIT4

; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0

; Results at 06.12.2006 19:30:01 for strings:
; 'df_kmd.sys'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS


; End Of The Log...
Dieser Beitrag wurde am 06.12.2006 um 19:33 Uhr von dj_orgie editiert.
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: