Spyware Infection auf dem Desktop !?! |
||
---|---|---|
#0
| ||
03.12.2006, 14:00
Member
Beiträge: 15 |
||
|
||
03.12.2006, 16:37
Ehrenmitglied
Beiträge: 29434 |
#2
poste dieses log
http://virus-protect.org/artikel/tools/combofix.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
04.12.2006, 17:05
Member
Themenstarter Beiträge: 15 |
#3
Franziska - 06-12-04 16:58:08,69 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Programme\Mozilla Firefox" ((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 )))))))))))))))))))))))))))))))))) 2006-12-04 07:03 <DIR> dr-h----- C:\Dokumente und Einstellungen\Franziska\Recent 2006-12-03 13:31 <DIR> d-------- C:\avenger 2006-12-03 13:01 <DIR> d-------- C:\Programme\CleanUp! 2006-11-13 21:27 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys 2006-11-13 21:27 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2006-11-13 21:27 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2006-11-13 21:27 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2006-11-13 21:27 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe 2006-11-13 21:26 <DIR> d-------- C:\Programme\Winamp (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-04 16:58 -------- d-------- C:\Programme\Mozilla Firefox 2006-12-04 16:34 -------- d-------- C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten\Skype 2006-12-02 10:44 -------- d-------- C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten\Adobe 2006-11-27 19:19 8 --a------ C:\WINDOWS\system32\CtSACKey.sys 2006-10-29 18:53 -------- d-------- C:\Programme\ElsterFormular2005 2006-10-28 11:26 -------- d---s---- C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten\Microsoft 2006-10-05 18:40 -------- d-------- C:\Programme\AVPersonal (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "Skype"="\"C:\\Programme\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce] "ICQ Lite"="C:\\Programme\\ICQLite\\ICQLite.exe -trayboot" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "AVGCtrl"="C:\\Programme\\AVPersonal\\AVGNT.EXE /min" "AVSCHED32"="C:\\Programme\\AVPersonal\\AVSCHED32.EXE /min" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "zango"="\"c:\\programme\\zango\\zango.exe\"" "QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "ICQ Lite"="\"C:\\Programme\\ICQLite\\ICQLite.exe\" -minimize" "SunJavaUpdateSched"="C:\\Programme\\Java\\jre1.5.0_06\\bin\\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="http://home.arcor.de/manuel.schaich/berti&ich.JPG" "SubscribedURL"="http://home.arcor.de/manuel.schaich/berti&ich.JPG" "FriendlyName"="" "Flags"=dword:00000001 "Position"=hex:2c,00,00,00,12,03,00,00,19,01,00,00,00,05,00,00,c0,03,00,00,e8,\ 03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=dword:40000001 "OriginalStateInfo"=hex:18,00,00,00,12,03,00,00,19,01,00,00,00,05,00,00,c0,03,\ 00,00,01,00,00,40 "RestoredStateInfo"=hex:14,6d,ef,05,41,c0,ac,74,e8,11,23,00,68,de,ef,05,20,6d,\ ef,05,3c,40,00,00 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1] "Source"="file:///C:/DOKUME~1/FRANZI~1/LOKALE~1/Temp/msohtml1/01/clip_image001.jpg" "SubscribedURL"="file:///C:/DOKUME~1/FRANZI~1/LOKALE~1/Temp/msohtml1/01/clip_image001.jpg" "FriendlyName"="" "Flags"=dword:00000001 "Position"=hex:2c,00,00,00,7e,01,00,00,64,01,00,00,f4,01,00,00,77,01,00,00,ea,\ 03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=dword:00000001 "OriginalStateInfo"=hex:18,00,00,00,92,03,00,00,64,01,00,00,f4,01,00,00,77,01,\ 00,00,01,00,00,40 "RestoredStateInfo"=hex:dc,ff,eb,03,f3,99,83,7c,70,9a,80,7c,ff,ff,ff,ff,66,9a,\ 80,7c,66,9a,80,7c [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Die derzeitige Homepage" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,ec,\ 03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=dword:40000004 "OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\ 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\ 00,00,01,00,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "Wallpaper"="C:\\WINDOWS\\desktop.html" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:95,00,00,00 "NoFavoritesMenu"=dword:00000001 "ClearRecentDocsOnExit"=dword:00000001 "NoWindowsUpdate"=dword:00000001 "NoActiveDesktop"=dword:00000000 "ClassicShell"=dword:00000000 "ForceActiveDesktopOn"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk] "path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Adobe Reader - Schnellstart.lnk" "backup"="C:\\WINDOWS\\pss\\Adobe Reader - Schnellstart.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Adobe\\ACROBA~2.0\\Reader\\READER~1.EXE " "item"="Adobe Reader - Schnellstart" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Norton System Doctor.lnk] "path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Norton System Doctor.lnk" "backup"="C:\\WINDOWS\\pss\\Norton System Doctor.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\NORTON~1\\SYSDOC32.EXE /STARTUP" "item"="Norton System Doctor" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ctfmon" "hkey"="HKCU" "command"="C:\\WINDOWS\\system32\\ctfmon.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvCpl" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvMcTray" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /install" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSDrvCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PSDrvCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\System32\\PSDrvCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Programme\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mobsync" "hkey"="HKLM" "command"="%SystemRoot%\\system32\\mobsync.exe /logon" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeUpdateManager" "hkey"="HKCU" "command"="C:\\Programme\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinMedia32] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="winmedia32" "hkey"="HKLM" "command"="winmedia32.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XPoe-Runtime] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="xpoerunt" "hkey"="HKCU" "command"="C:\\Programme\\DATA BECKER\\XP optimal einstellen 2.0\\xpoerunt.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zango] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="zango" "hkey"="HKLM" "command"="\"c:\\programme\\zango\\zango.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "NProtectService"=dword:00000002 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\df_kmd.sys Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Klick-Wartung.job Completion time: 06-12-04 16:58:50.75 C:\ComboFix.txt ... 06-12-04 16:58 C:\ComboFix2.txt ... 06-12-04 16:55 |
|
|
||
04.12.2006, 17:08
Ehrenmitglied
Beiträge: 29434 |
#4
1.
arbeite cleanup ab http://virus-protect.org/cleanup.html 2. Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint Zitat cd\ __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.12.2006, 16:34
Member
Themenstarter Beiträge: 15 |
#5
Datentr„ger in Laufwerk C: ist Programme
Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Windows\System32\Com 19.04.2005 16:38 <DIR> . 19.04.2005 16:38 <DIR> .. 03.08.2004 23:57 195.584 comadmin.dll 23.08.2001 14:00 61.440 comempty.dat 23.08.2001 14:00 77.348 comexp.msc 03.08.2004 23:57 9.728 comrepl.exe 23.08.2001 14:00 5.120 comrereg.exe 23.08.2001 14:00 19.456 mtsadmin.tlb 6 Datei(en) 368.676 Bytes 2 Verzeichnis(se), 32.965.373.952 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Windows\system32\config 18.11.2005 19:50 <DIR> . 18.11.2005 19:50 <DIR> .. 06.12.2006 06:58 524.288 AppEvent.Evt 06.12.2006 06:58 262.144 default 23.06.2004 13:51 94.208 default.sav 18.11.2005 19:50 262.144 default_BAK_40495 06.02.2005 20:04 262.144 default_BAK_74324 24.06.2004 06:30 96 netlogon.ftl 06.12.2006 06:58 24.576 SAM 06.02.2005 20:04 262.144 SAM_BAK_25157 18.11.2005 19:50 24.576 SAM_BAK_85747 23.06.2004 12:52 65.536 SecEvent.Evt 06.12.2006 06:58 45.056 SECURITY 06.02.2005 20:04 262.144 SECURITY_BAK_12872 18.11.2005 19:50 45.056 SECURITY_BAK_34206 06.12.2006 06:58 22.544.384 software 23.06.2004 13:51 630.784 software.sav 18.11.2005 19:50 22.020.096 software_BAK_22145 06.02.2005 20:04 21.495.808 software_BAK_44927 06.12.2006 06:58 524.288 SysEvent.Evt 06.12.2006 16:27 3.670.016 system 23.06.2004 13:51 397.312 system.sav 23.06.2004 12:08 <DIR> systemprofile 18.11.2005 19:50 4.718.592 system_BAK_74199 06.02.2005 20:04 3.145.728 system_BAK_83142 23.06.2004 13:51 262.144 userdiff 23 Datei(en) 81.543.264 Bytes 3 Verzeichnis(se), 32.965.369.856 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\WINDOWS\system32 Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\WINDOWS\Downloaded Program Files 24.11.2004 19:05 27.648 axload.dll 15.06.2004 05:13 226 cc.inf 07.11.2006 12:58 1.224.704 ClientAX.dll 22.04.2005 15:08 <DIR> CONFLICT.1 14.10.1997 17:52 697 DirectAnimation Java Classes.osd 16.06.2004 16:03 355.955 ICQVideoControl.dll 08.06.2004 11:26 268 ICQVideoControl.inf 04.07.2004 16:53 398.456 imloader.exe 06.12.2004 14:51 17.600 InstallationsAssistent.ocx 25.08.2003 17:12 1.096 iuctl.inf 20.01.2000 14:25 1.162 Microsoft XML Parser for Java.osd 20.05.2004 13:36 237.568 MISBH.dll 09.05.2004 10:03 194 MISBH.INF 05.11.2003 06:04 228 odyssey_webmoo.inf 22.08.2003 20:10 226 opuc.inf 09.10.2003 09:32 144 QTPlugin.inf 13.04.2001 14:55 7.671 swdir.inf 27.08.2005 13:30 5.065 swflash.inf 03.08.2004 14:51 293 wuweb.inf 18 Datei(en) 2.279.201 Bytes 1 Verzeichnis(se), 32.965.369.856 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Programme\Common Files 06.02.2005 20:32 <DIR> . 06.02.2005 20:32 <DIR> .. 06.11.2004 00:06 <DIR> Microsoft Shared 29.09.2004 18:16 <DIR> SearchUpgrader 29.06.2004 16:03 <DIR> System 0 Datei(en) 0 Bytes 5 Verzeichnis(se), 32.965.369.856 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Dokumente und Einstellungen\Franziska 06.12.2006 16:27 <DIR> . 06.12.2006 16:27 <DIR> .. 23.11.2004 17:25 <DIR> Application Data 06.12.2006 16:29 <DIR> Desktop 23.01.2005 11:31 <DIR> Eigene Dateien 17.08.2006 20:57 <DIR> Favoriten 13.09.2006 10:37 <DIR> Incomplete 06.12.2006 06:58 22.806.528 NTUSER.DAT 18.11.2005 19:50 14.942.208 NTUSER.DAT_BAK_45641 24.04.2006 18:39 <DIR> Startmen 18.11.2005 19:02 95 trace.log 14.10.2004 19:32 <DIR> WINDOWS 3 Datei(en) 37.748.831 Bytes 9 Verzeichnis(se), 32.965.365.760 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Eigene Dateien 23.01.2005 11:31 <DIR> . 23.01.2005 11:31 <DIR> .. 14.05.2006 09:26 <DIR> Eigene Musik 0 Datei(en) 0 Bytes 3 Verzeichnis(se), 32.965.365.760 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Program Files 01.08.2006 21:23 <DIR> . 01.08.2006 21:23 <DIR> .. 01.08.2006 21:23 <DIR> ICQLite 14.01.2006 20:48 <DIR> Samsung 25.11.2005 13:34 <DIR> SpySheriff 0 Datei(en) 0 Bytes 5 Verzeichnis(se), 32.965.365.760 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Lokale Einstellungen\Temporary Internet Files\Content.IE5 06.12.2006 16:27 442.368 index.dat 1 Datei(en) 442.368 Bytes 0 Verzeichnis(se), 32.965.365.760 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Lokale Einstellungen\Temp 06.12.2006 16:27 <DIR> . 06.12.2006 16:27 <DIR> .. 06.12.2006 15:09 16.384 ~DF337D.tmp 06.12.2006 15:09 16.384 ~DF4513.tmp 2 Datei(en) 32.768 Bytes 2 Verzeichnis(se), 32.965.365.760 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\WINDOWS\Temp 06.12.2006 16:27 <DIR> . 06.12.2006 16:27 <DIR> .. 0 Datei(en) 0 Bytes 2 Verzeichnis(se), 32.965.365.760 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Temp 04.02.2006 11:51 <DIR> . 04.02.2006 11:51 <DIR> .. 0 Datei(en) 0 Bytes 2 Verzeichnis(se), 32.965.365.760 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Programme 03.12.2006 13:30 <DIR> . 03.12.2006 13:30 <DIR> .. 19.04.2005 15:24 <DIR> Adaware 13.03.2005 15:10 <DIR> Adobe 23.06.2004 14:24 <DIR> Ahead 25.06.2004 06:24 <DIR> AIDA32 - Enterprise System Information 07.02.2005 11:12 <DIR> aida32ee_390 05.10.2006 18:40 <DIR> AVPersonal 08.06.2005 13:42 21 AVPersonalAVWIN.INI 13.09.2006 10:36 <DIR> BearShare 06.12.2006 16:25 <DIR> CleanUp! 06.02.2005 20:32 <DIR> Common Files 23.06.2004 11:59 <DIR> ComPlus Applications 06.02.2005 21:36 <DIR> Corel 07.02.2005 11:15 <DIR> Corel_11 14.01.2006 20:10 <DIR> Creative 06.02.2005 19:37 <DIR> CyberLink 06.02.2005 20:55 <DIR> DATA BECKER 19.07.2004 19:51 <DIR> DivX 31.08.2005 19:48 <DIR> DivXCodec 29.10.2006 18:53 <DIR> ElsterFormular2005 20.02.2006 14:52 <DIR> emagic 17.07.2006 17:57 <DIR> eMule.de 16.09.2005 11:55 2.828.760 fcduninstall.exe 10.03.2006 14:48 <DIR> fotomaxcd 13.09.2006 10:36 <DIR> FrostWire 17.08.2006 19:17 <DIR> Gemeinsame Dateien 18.05.2006 13:15 <DIR> Google 07.02.2005 11:26 <DIR> Grafik-Karte 01.08.2006 21:23 <DIR> ICQLite 29.05.2005 17:49 <DIR> ICQToolbar 14.09.2005 12:43 <DIR> INSTAFINK 07.02.2005 11:26 <DIR> Inst_Office_2003 19.04.2005 16:40 <DIR> Internet Explorer 06.02.2005 21:50 <DIR> IrfanView 06.02.2005 21:49 <DIR> IrfanView 3.91 17.08.2006 19:20 <DIR> Java 14.11.2005 14:23 <DIR> Kazaa 19.06.2006 14:19 <DIR> Kazaa Lite 07.02.2005 11:26 <DIR> MBM5 17.11.2005 22:02 <DIR> Messenger 23.06.2004 12:05 <DIR> microsoft frontpage 09.11.2004 14:04 <DIR> Microsoft Office 23.06.2004 14:12 <DIR> Microsoft Visual Studio 23.06.2004 14:13 <DIR> Microsoft Works 23.06.2004 14:13 <DIR> Microsoft.NET 25.06.2004 06:30 <DIR> Motherboard Monitor 5 19.04.2005 16:40 <DIR> Movie Maker 04.12.2006 16:58 <DIR> Mozilla Firefox 07.02.2005 11:25 <DIR> MR 23.06.2004 11:59 <DIR> MSN 23.06.2004 11:59 <DIR> MSN Gaming Zone 07.02.2005 11:18 <DIR> myMP3_V5 07.02.2005 11:11 <DIR> Nero_Burning 17.11.2005 22:02 <DIR> NetMeeting 17.11.2005 22:02 <DIR> Network Stumbler 09.04.2006 11:16 <DIR> Norton Utilities 08.12.2005 06:56 <DIR> Oberon Media 25.06.2004 06:49 <DIR> OfficeUpdate11 23.06.2004 11:59 <DIR> Online Services 23.06.2004 12:03 <DIR> Online-Dienste 24.06.2004 07:32 <DIR> OO Software 07.02.2005 11:19 <DIR> oodpe_6_0_609_ger 19.04.2005 16:38 <DIR> Outlook Express 24.06.2004 06:28 <DIR> Pinnacle 06.03.2005 20:36 <DIR> Power Tab Software 16.07.2004 15:02 <DIR> QuickTime 14.01.2006 20:43 <DIR> Samsung 08.12.2005 06:52 <DIR> shizmoo 07.03.2005 16:52 <DIR> Skype 29.11.2005 15:19 <DIR> Speed Disk 19.04.2005 15:34 <DIR> Spybot - Search & Destroy 24.06.2004 06:28 <DIR> Steinberg 29.09.2006 14:09 <DIR> Sybex 14.02.2006 20:02 <DIR> Symantec 16.03.2006 20:09 <DIR> T-COM 07.02.2005 11:30 <DIR> T-Sinus 154 data 31.08.2005 19:48 <DIR> The Playa 08.12.2005 07:07 <DIR> TuneUp Utilities 2006 07.02.2005 11:19 <DIR> UltraEdit 12.09.2004 18:00 <DIR> VideoLAN 24.06.2004 06:28 <DIR> VOB 13.11.2006 22:10 <DIR> Winamp 19.04.2005 16:40 <DIR> Windows Media Player 19.04.2005 16:38 <DIR> Windows NT 23.01.2006 14:35 <DIR> WinFixer 2005 07.03.2005 12:52 <DIR> WinZip 23.06.2004 12:05 <DIR> xerox 06.04.2006 20:09 <DIR> Yahoo! 19.04.2005 15:25 <DIR> Zonealarm 2 Datei(en) 2.828.781 Bytes 88 Verzeichnis(se), 32.965.361.664 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Lokale Einstellungen\Anwendungsdaten 13.03.2005 15:19 <DIR> Adobe 16.07.2004 15:01 <DIR> Apple Computer 02.10.2006 13:18 96.256 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 19.04.2005 16:55 101.824 GDIPFONTCACHEV1.DAT 18.05.2006 13:15 <DIR> Google 02.07.2004 16:13 <DIR> Help 19.09.2004 16:57 <DIR> Identities 06.11.2004 10:28 <DIR> IM 23.04.2005 18:14 <DIR> Microsoft 2 Datei(en) 198.080 Bytes 7 Verzeichnis(se), 32.965.357.568 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Dokumente und Einstellungen\Franziska\Anwendungsdaten 02.12.2006 10:44 <DIR> Adobe 23.11.2005 19:08 <DIR> AdobeAUM 09.02.2006 07:06 <DIR> AdobeUM 01.10.2004 11:45 <DIR> Ahead 16.07.2004 15:01 <DIR> Apple Computer 25.06.2004 15:51 <DIR> Corel 18.01.2006 20:37 <DIR> Creative 06.02.2005 19:41 <DIR> CyberLink 13.09.2004 15:37 <DIR> dvdcss 15.09.2006 11:01 <DIR> FrostWire 18.05.2006 13:15 <DIR> Google 08.12.2005 06:54 <DIR> HbTools 28.11.2005 13:55 <DIR> Help 29.09.2004 19:16 <DIR> ICQ 06.02.2006 20:32 <DIR> ICQLite 24.06.2004 06:37 <DIR> Identities 19.06.2006 14:19 <DIR> Kazaa Lite 19.04.2005 15:24 <DIR> Lavasoft 30.10.2005 15:17 <DIR> Leadertech 03.07.2005 21:13 <DIR> Macromedia 07.10.2005 18:48 <DIR> Mozilla 12.04.2005 18:57 <DIR> MSN6 06.12.2006 15:52 <DIR> Skype 25.06.2004 15:02 <DIR> Steinberg 21.08.2006 12:18 <DIR> Sun 06.02.2005 22:03 <DIR> Symantec 06.02.2005 19:54 <DIR> TuneUp Software 0 Datei(en) 0 Bytes 27 Verzeichnis(se), 32.965.357.568 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten 04.01.2006 21:27 <DIR> Adobe 23.06.2004 14:24 <DIR> Ahead 11.02.2006 13:06 <DIR> AntiVir PersonalEdition Classic 16.07.2004 15:00 <DIR> Apple Computer 14.01.2006 20:10 <DIR> Creative 06.02.2005 19:37 <DIR> CyberLink 12.04.2005 18:57 <DIR> MSN6 25.06.2004 08:11 <DIR> nView_Profiles 17.07.2004 10:46 <DIR> QuickTime 08.01.2006 13:56 <DIR> Skype 26.03.2005 18:04 <DIR> Spybot - Search & Destroy 06.02.2005 21:57 <DIR> Symantec 06.02.2005 19:53 <DIR> TuneUp Software 06.04.2006 20:09 <DIR> Yahoo! Companion 0 Datei(en) 0 Bytes 14 Verzeichnis(se), 32.965.357.568 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Programme\Gemeinsame Dateien 17.08.2006 19:17 <DIR> . 17.08.2006 19:17 <DIR> .. 18.12.2005 21:17 <DIR> Adobe 23.06.2004 14:15 <DIR> Ahead 24.06.2004 07:16 <DIR> Corel 24.06.2004 07:17 <DIR> DESIGNER 23.06.2004 12:01 <DIR> Dienste 14.07.2004 20:31 <DIR> InstallShield 17.08.2006 19:17 <DIR> Java 14.01.2006 20:44 <DIR> Microsoft Shared 23.06.2004 12:01 <DIR> MSSoap 08.11.2004 16:51 <DIR> Oberon Media 23.06.2004 12:53 <DIR> ODBC 23.06.2004 12:53 <DIR> SpeechEngines 18.11.2005 19:11 <DIR> Symantec Shared 19.04.2005 16:38 <DIR> System 30.09.2005 18:03 <DIR> WinSoftware 08.12.2005 07:04 <DIR> Wise Installation Wizard 0 Datei(en) 0 Bytes 18 Verzeichnis(se), 32.965.357.568 Bytes frei Datentr„ger in Laufwerk C: ist Programme Volumeseriennummer: 94EB-9846 Verzeichnis von C:\Windows\tasks 03.11.2006 17:16 404 1-Klick-Wartung.job 1 Datei(en) 404 Bytes 0 Verzeichnis(se), 32.965.357.568 Bytes frei |
|
|
||
06.12.2006, 17:35
Ehrenmitglied
Beiträge: 29434 |
#6
««
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als sheriff.reg mit 'Speichern unter' auf dem Desktop. Gebe bei Dateityp 'Alle Dateien' an. Du solltest jetzt auf dem Desktop diese Datei finden. Die Datei "sheriff.reg" auf dem Desktop doppelklicken.+ der Registry beifuegen Zitat REGEDIT4______________________________________________________- »» Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein Zitat Registry values to delete:Klicke die grüne Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten »» lösche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb «« öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blankPc neustarten «« Counterspy anwenden http://virus-protect.org/counterspy.html stelle nach dem scan alles auf remove und poste hier den scanreport _______________________ Download Registry Search by Bobbi Flekman http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) WinMedia32 in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. in: "Enter search strings" (reinschreiben oder reinkopieren) WinFixer 2005 in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. in: "Enter search strings" (reinschreiben oder reinkopieren) SpySheriff in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.12.2006, 19:12
Member
Themenstarter Beiträge: 15 |
#7
Spyware Scan Details
Start Date: 06.12.2006 18:05:41 End Date: 06.12.2006 19:08:07 Total Time: 1 hrs 2 mins 26 secs Detected spyware KaZaA P2P more information... Details: Kazaa is a Peer to Peer file sharing application that uses some adware advertising as well as installs a number of thrid party adware software on your computer. Status: Deleted Infected files detected c:\programme\kazaa\plugins.htm c:\programme\kazaa\versions.dat c:\programme\kazaa\bgp2p\bdupd.dll c:\programme\kazaa\bgp2p\plugins\ace.xmd c:\programme\kazaa\bgp2p\plugins\adsntfs.xmd c:\programme\kazaa\bgp2p\plugins\alz.xmd c:\programme\kazaa\bgp2p\plugins\arc.xmd c:\programme\kazaa\bgp2p\plugins\arj.xmd c:\programme\kazaa\bgp2p\plugins\bach.xmd Altnet Browser Plug-in more information... Details: Topsearch is a .dll file that acts as a search engine and runs inside Internet Explorer as a Browser helper Object (BHO). It can supply advertising content to KaZaA users. Status: Deleted Infected files detected c:\dokumente und einstellungen\franziska\startmen?rams\altnet\peer points manager.lnk C:\Programme\AVPersonal\INFECTED\A0051994.EXE.VIR C:\Programme\AVPersonal\INFECTED\A0051996.EXE.VIR C:\Programme\AVPersonal\INFECTED\ASM.EXE.VIR C:\Programme\AVPersonal\INFECTED\POINTS MANAGER.EXE.VIR Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE AppID {8B0FEF15-54DC-49F5-8377-8172DE975F75} HKEY_CLASSES_ROOT\appid\{8b0fef15-54dc-49f5-8377-8172de975f75} HKEY_CLASSES_ROOT\appid\{8b0fef15-54dc-49f5-8377-8172de975f75} Altnet Signing Module HKEY_CLASSES_ROOT\clsid\{3646c2bd-3554-49ca-8125-44deefb881de} HKEY_CLASSES_ROOT\clsid\{3646c2bd-3554-49ca-8125-44deefb881de} F586631D-553B-4956-B31E-62D096C26BE4 HKEY_CLASSES_ROOT\clsid\{3f4d4f88-0198-4921-b630-957f3eb814e0} HKEY_CLASSES_ROOT\clsid\{3f4d4f88-0198-4921-b630-957f3eb814e0} 1928716804 HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus 0 HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ProgID ADM.ADM.1 HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ToolboxBitmap32 C:\PROGRA~2\Altnet\DOWNLO~1\adm4005.exe, 101 HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\Version 1.0 HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\VersionIndependentProgID ADM.ADM HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} ADM Class HKEY_CLASSES_ROOT\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} AppID {99A8E2B2-3405-4C0D-9110-131C14CAAF62} HKEY_LOCAL_MACHINE\software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75} HKEY_LOCAL_MACHINE\software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75} Altnet Signing Module HKEY_LOCAL_MACHINE\software\classes\appid\{99a8e2b2-3405-4c0d-9110-131c14caaf62} HKEY_LOCAL_MACHINE\software\classes\appid\{99a8e2b2-3405-4c0d-9110-131c14caaf62} adm HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\MiscStatus 0 HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ProgID ADM.ADM.1 HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\ToolboxBitmap32 C:\PROGRA~2\Altnet\DOWNLO~1\adm4005.exe, 101 HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\Version 1.0 HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}\VersionIndependentProgID ADM.ADM HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} ADM Class HKEY_LOCAL_MACHINE\software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d} AppID {99A8E2B2-3405-4C0D-9110-131C14CAAF62} HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\ProgID SigningModule.SigningModule.1 HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\VersionIndependentProgID SigningModule.SigningModule HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} SigningModule Class HKEY_LOCAL_MACHINE\software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} AppID {8B0FEF15-54DC-49F5-8377-8172DE975F75} HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\ProgID SigningModule.SigningModule.1 HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}\VersionIndependentProgID SigningModule.SigningModule HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} SigningModule Class HKEY_CLASSES_ROOT\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8} AppID {8B0FEF15-54DC-49F5-8377-8172DE975F75} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM.1\CLSID {C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM.1 ADM Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\adm.EXE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\adm.EXE AppID {99A8E2B2-3405-4C0D-9110-131C14CAAF62} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM\CLSID {C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM\CurVer ADM.ADM.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ADM.ADM ADM Class HKEY_CLASSES_ROOT\SigningModule.SigningModule HKEY_CLASSES_ROOT\SigningModule.SigningModule\CLSID {9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8} HKEY_CLASSES_ROOT\SigningModule.SigningModule\CurVer SigningModule.SigningModule.1 HKEY_CLASSES_ROOT\SigningModule.SigningModule SigningModule Class HKEY_CLASSES_ROOT\SigningModule.SigningModule.1 HKEY_CLASSES_ROOT\SigningModule.SigningModule.1\CLSID {9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8} HKEY_CLASSES_ROOT\SigningModule.SigningModule.1 SigningModule Class Twain Tech Adware more information... Details: Twain-Tech is an adware based Internet Explorer browser helper object that deliver targeted ads based on a user?s browsing patters. Twain-Tech does not provide any other relevant purpose other then to display pop-up ads. Status: Deleted Infected files detected c:\windows\smdat32m.sys Buschtrommel 1.2 Trojan more information... Details: Features: Edit server, 6 Autostart methods, Backup, Screenshot, Port Redirect and scripting. Status: Deleted Infected files detected c:\windows\server.exe Trojan.Desktophijack Trojan more information... Details: Trojan.Desktophijack modifies the home page and desktop settings on a compromised computer. Status: Deleted Infected files detected c:\windows\desktop.html StarDialer Dialer more information... Details: An ActiveX installer control for premium-rate phone diallers, usually German. Status: Deleted Infected files detected C:\Dokumente und Einstellungen\Franziska\Desktop\Wartung\Neuer Ordner\hijackthis_199\backups\backup-20061206-175339-814.dll gator Adware more information... Details: Display pop up ads Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\00001669.EXE.VIR C:\Programme\AVPersonal\INFECTED\00002281.EXE.VIR C:\Programme\AVPersonal\INFECTED\00017789.EXE.VIR C:\Programme\AVPersonal\INFECTED\00019285.EXE.VIR C:\Programme\AVPersonal\INFECTED\00020446.EXE.VIR C:\Programme\AVPersonal\INFECTED\00068947.EXE.VIR C:\Programme\AVPersonal\INFECTED\00094075.EXE.VIR Infected registry entries detected HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f} HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f}\ProgID HbtToolbar.HbtHtmlMenuUI.1 HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f}\VersionIndependentProgID HbtToolbar.HbtHtmlMenuUI HKEY_LOCAL_MACHINE\software\classes\clsid\{354382db-df55-4da9-85a3-41696a0f510f} HbtHtmlMenuUI HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19}\ProgID RprtsPSClient.PSExecuter.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19}\VersionIndependentProgID RprtsPSClient.PSExecuter HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0774F696-D801-4C18-81A7-A3A32B8BEF19} RprtsPSExecuter HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\ProgID ShprRprts.HbAx.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\ToolboxBitmap32 C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll, 102 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD}\VersionIndependentProgID ShprRprts.HbAx HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} HbAx HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}\ProgID ShprRprts.HbInfoBand.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1}\VersionIndependentProgID ShprRprts.HbInfoBand HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} ShopperReports ? Price Comparison HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{354382DB-DF55-4DA9-85A3-41696A0F510F}\ProgID HbtToolbar.HbtHtmlMenuUI.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{354382DB-DF55-4DA9-85A3-41696A0F510F}\VersionIndependentProgID HbtToolbar.HbtHtmlMenuUI HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{354382DB-DF55-4DA9-85A3-41696A0F510F} HbtHtmlMenuUI HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0}\ProgID ShprRprts.IEButtonA.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0}\VersionIndependentProgID ShprRprts.IEButtonA HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{454B4812-E572-4703-A1BB-63490809EAC0} IEButtonA HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}\ProgID ShprRprts.IEButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC}\VersionIndependentProgID ShprRprts.IEButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} IEButton HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} Default Visible Yes HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} ButtonText ShopperReports - Compare product prices HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} HotIcon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,204 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} Icon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,203 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E77EDA01-3C56-4a96-8D08-02B42891C169} ClsidExtension {580a1f3f-89b4-433b-bbdb-b97aeb13f3fc} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}\ProgID ShprRprts.HbCommBand.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A}\VersionIndependentProgID ShprRprts.HbCommBand HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} ShopperReports ? Price Comparison HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{34F4D917-31E4-464C-B8B3-84C1CE76B395} IHbIEPane HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F04CBF7-CD62-4403-B090-B432DEDCB159} IRegisterableObject HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BC190DA5-0187-4D99-B3AC-6C45EA1B9324} IBrwsAdapter HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} Default Visible Yes HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} ButtonText ShopperReports - Compare travel rates HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} HotIcon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,202 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} Icon C:\Programme\ShopperReports\Bin\1.0.5.0\ShprRprt.dll,201 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} CLSID {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{946B3E9E-E21A-49c8-9F63-900533FAFE14} ClsidExtension {454b4812-e572-4703-a1bb-63490809eac0} HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} ShopperReports ? Price Comparison HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1\CLSID {0774F696-D801-4C18-81A7-A3A32B8BEF19} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter.1 RprtsPSExecuter HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CLSID {0774F696-D801-4C18-81A7-A3A32B8BEF19} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter\CurVer RprtsPSClient.PSExecuter.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RprtsPSClient.PSExecuter RprtsPSExecuter HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx.1\CLSID {1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx.1 HbAx HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx\CLSID {1E6AC766-9094-4BCF-ABD3-39E2EAEA5FCD} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx\CurVer ShprRprts.HbAx.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbAx HbAx HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand.1\CLSID {A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand.1 ShopperReports ? Price Comparison HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand\CLSID {A798E2B4-B6A0-4B96-8C53-8EC7A3B0895A} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand\CurVer ShprRprts.HbCommBand.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbCommBand ShopperReports ? Price Comparison HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand.1\CLSID {2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand.1 ShopperReports ? Price Comparison HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand\CLSID {2178C864-B8BC-41AE-A1FB-EB6A32F87EB1} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand\CurVer ShprRprts.HbInfoBand.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.HbInfoBand ShopperReports ? Price Comparison HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton.1\CLSID {580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton.1 IEButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton\CLSID {580A1F3F-89B4-433B-BBDB-B97AEB13F3FC} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton\CurVer ShprRprts.IEButton.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButton IEButton HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA.1\CLSID {454B4812-E572-4703-A1BB-63490809EAC0} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA.1 IEButtonA HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA\CLSID {454B4812-E572-4703-A1BB-63490809EAC0} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA\CurVer ShprRprts.IEButtonA.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.IEButtonA IEButtonA HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1\CLSID {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl.1 ShprRprts HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CLSID {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl\CurVer ShprRprts.SmrtShprCtl.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShprRprts.SmrtShprCtl ShprRprts HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F} HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F}\ProgID HbtToolbar.HbtHtmlMenuUI.1 HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F}\VersionIndependentProgID HbtToolbar.HbtHtmlMenuUI HKEY_CLASSES_ROOT\clsid\{354382DB-DF55-4DA9-85A3-41696A0F510F} HbtHtmlMenuUI InstaFinder Browser Hijacker more information... Details: InstaFinder is an Internet Explorer Browser Helper search hijacker. Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\A0049649.EXE.VIR C:\Programme\AVPersonal\INFECTED\A0051993.DLL.VIR C:\Programme\AVPersonal\INFECTED\INSTAFINDERK_INST.EXE.001 C:\Programme\AVPersonal\INFECTED\INSTAFINDERK_INST.EXE.VIR C:\Programme\AVPersonal\INFECTED\INSTAFINK.DLL.VIR My Way Speedbar Browser Plug-in more information... Details: MyWay Speedbar is a search toolbar that installs into Internet Explorer and Netscape Navigator, adding search functions and popup blocking. Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\A0051991.DLL.VIR C:\Programme\AVPersonal\INFECTED\A0052065.DLL.VIR C:\Programme\AVPersonal\INFECTED\MY2NS.EXE.VIR C:\Programme\AVPersonal\INFECTED\MYBAR.DLL.VIR C:\Programme\AVPersonal\INFECTED\NPMYWAY.DLL.VIR Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC} myBar Installer2 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC}\ProgID MyWayToolBar.NetscapeStartup.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC}\VersionIndependentProgID Cydoor Adware more information... Details: Cydoor is an adware program that downloads advertisements from a server and displays them on your computer. Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\CD_CLINT.DLL.VIR Claria.GAIN Adware more information... Details: Claria's GAIN network consists of several applications inlcuding Gator eWallet, GotSmiley, ScreenSeenes, WebSecureAlert, DashBar, Weatherscope, Date Manager and Precision Time. Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\GATORRES.DLL.VIR C:\Programme\AVPersonal\INFECTED\GMT.EXE.VIR EUniverse Updater Browser Hijacker more information... Details: EUniverse is an adware program that runs at startup, generates popup ads, and performs a number of spyware related functions such as transmitting personal information and hijacking Internet Explorer. Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\RVUPDMGR.EXE.001 C:\Programme\AVPersonal\INFECTED\RVUPDMGR.EXE.VIR SysWebTelecomInt Dialer more information... Details: Porn dialer for www.sponsoradulto.com. Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\SYSWEBTELECOMINT.DLL.VIR KeenValue PerfectNav Browser Hijacker more information... Details: The PerfectNav Internet Explorer spyware software is designed to redirect your URL typing errors to PerfectNav's web page. Status: Deleted Infected files detected C:\Programme\AVPersonal\INFECTED\UPDMGR.EXE.VIR Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\HomePage HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\HomePage DefaultIEHomePage http://www.perfectnav.com/ HKEY_LOCAL_MACHINE\software\perfectnav HKEY_LOCAL_MACHINE\software\perfectnav\BHO\HomePage DefaultIEHomePage http://www.perfectnav.com/ HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS 404 http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=404&Keywords= HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS DNSNotFound http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=DNS&Keywords= HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS URLTranslation http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&Keywords= HKEY_LOCAL_MACHINE\software\perfectnav\BHO\RedirectURLS 4 ivwt;12wjvhjjpgis0yiskvmhp1gpo2pqeBysn@ HKEY_LOCAL_MACHINE\software\perfectnav\BHO INSTALLGUID 5805619B-F424-4EC6-AC25-21B1C6469003 HKEY_LOCAL_MACHINE\software\perfectnav UID 5D850852-6F3E-4FCE-9E38-415A7DF65B85 HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 404 http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=404&Keywords= HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS DNSNotFound http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=DNS&Keywords= HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS URLTranslation http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&Keywords= HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 4 ivwt;12wjvhjjpgis0yiskvmhp1gpo2pqeBysn@ HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\HomePage DefaultIEHomePage http://www.perfectnav.com/ HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 404 http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=404&Keywords= HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS DNSNotFound http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&arg=DNS&Keywords= HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS URLTranslation http://www.perfectnav.com/index.cfm?action=lookup&pc=pnkz&Keywords= HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO\RedirectURLS 4 ivwt;12wjvhjjpgis0yiskvmhp1gpo2pqeBysn@ HKEY_LOCAL_MACHINE\SOFTWARE\PerfectNav\BHO INSTALLGUID 5805619B-F424-4EC6-AC25-21B1C6469003 BearShare P2P more information... Details: BearShare is a file sharing network. The free version installs a number of known spyware and adware programs. Status: Deleted Infected registry entries detected HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\ProgID RunMSC.Loader.1 HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\VersionIndependentProgID RunMSC.Loader HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} Loader Class Zango Search Assistant Adware more information... Details: Zango Search Assistant opens new browser windows showing websites based on the previous websites you visit. Status: Deleted Infected registry entries detected HKEY_CURRENT_USER\Software\zango HKEY_CURRENT_USER\Software\zango last_conn_h 29796802 HKEY_CURRENT_USER\Software\zango last_conn_l 375411904 HKEY_CURRENT_USER\Software\zango we 2 |
|
|
||
06.12.2006, 19:13
Ehrenmitglied
Beiträge: 29434 |
||
|
||
06.12.2006, 19:15
Member
Themenstarter Beiträge: 15 |
#9
Du wolltest das ja so, oder..?
REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 06.12.2006 19:15:45 for strings: ; 'winmedia32' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log... |
|
|
||
06.12.2006, 19:17
Ehrenmitglied
Beiträge: 29434 |
#10
counterpsy-Log war komplett ?? oder fehlt noch was ?
poste das neue log vom HijackThis __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.12.2006, 19:18
Member
Themenstarter Beiträge: 15 |
#11
REGEDIT4
; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 06.12.2006 19:18:07 for strings: ; 'winfixer 2005' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WFX5U_is1] "Inno Setup: App Path"="C:\\Programme\\WinFixer 2005" "InstallLocation"="C:\\Programme\\WinFixer 2005\\" "Inno Setup: Icon Group"="WinFixer 2005" "DisplayName"="WinFixer 2005 1.1.29.3" "UninstallString"="\"C:\\Programme\\WinFixer 2005\\unins000.exe\"" "QuietUninstallString"="\"C:\\Programme\\WinFixer 2005\\unins000.exe\" /SILENT" [HKEY_USERS\S-1-5-21-1482476501-1202660629-854245398-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\WinFixer 2005] ; End Of The Log... REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 06.12.2006 19:20:38 for strings: ; 'spysheriff' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log... Dieser Beitrag wurde am 06.12.2006 um 19:22 Uhr von dj_orgie editiert.
|
|
|
||
06.12.2006, 19:22
Ehrenmitglied
Beiträge: 29434 |
#12
1.
Avenger Zitat registry keys to delete:2. Download Registry Search by Bobbi Flekman http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) df_kmd.sys in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.12.2006, 19:24
Member
Themenstarter Beiträge: 15 |
#13
der rest:
HKEY_CURRENT_USER\Software\zango geourl_current_version 12 HKEY_CURRENT_USER\Software\zango geourl_last_full_version 12 HKEY_CURRENT_USER\Software\zango actionurl_current_version 637 HKEY_CURRENT_USER\Software\zango actionurl_last_full_version 627 HKEY_CURRENT_USER\Software\zango keyword_current_version 1049 HKEY_CURRENT_USER\Software\zango keyword_last_full_version 1017 HKEY_CURRENT_USER\Software\zango recent_shown HKEY_CURRENT_USER\Software\zango key_int_high 29823681 HKEY_CURRENT_USER\Software\zango key_int_low -1903067376 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus\1 132497 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\MiscStatus 0 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ProgID ClientAX.RequiredComponent.1 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\ToolboxBitmap32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll, 101 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\TypeLib {5B6689B5-C2D4-4dc7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Version 1.0 HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\VersionIndependentProgID ClientAX.RequiredComponent HKEY_CLASSES_ROOT\clsid\{0AC49246-419B-4EE0-8917-8818DAAD6A4E} RequiredComponent Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Control HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0AC49246-419B-4EE0-8917-8818DAAD6A4E}\Programmable HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Control HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99410CDE-6F16-42ce-9D49-3807F78F0287}\Programmable HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda} HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_LOCAL_MACHINE\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\1.0 ClientAX 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\0\win32 C:\WINDOWS\Downloaded Program Files\ClientAX.dll HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0\HELPDIR C:\WINDOWS\Downloaded Program Files\ HKEY_CLASSES_ROOT\TypeLib\{5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA}\1.0 ClientAX 1.0 Type Library HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{F1F1E775-1B21-454D-8D38-7C16519969E5} IRequiredComponent HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} IRequiredComponent HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{ddea2e1d-8555-45e5-af09-ec9aa4ea27ad} IClientInstaller HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{DDEA2E1D-8555-45E5-AF09-EC9AA4EA27AD} IClientInstaller HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{f1f1e775-1b21-454d-8d38-7c16519969e5} IRequiredComponent HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\software\classes\interface\{2b0eceac-f597-4858-a542-d966b49055b9} IClientInstaller2 HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib {5B6689B5-C2D4-4DC7-BFD1-24AC17E5FCDA} HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{2B0ECEAC-F597-4858-A542-D966B49055B9} IClientInstaller2 misc.winsoftware.winfixer Misc more information... Details: Typically part of a bundle attack, WinFixer is a disabled, data repair utility that nags the user to purchase. Status: Deleted Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46} AppID {287A2BAD-6590-4EFF-9BBC-494385664A73} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB} AppID {25A3C995-10C8-474B-A167-99460AB4AB2B} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{538BC8F3-2E1E-4D2D-A261-158DF6E9B407}\InprocServer32 ThreadingModel free HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84C43108-013C-4513-8578-F50080B9C9D0}\InprocServer32 ThreadingModel free HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\InprocServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} AppID {E8928E69-C050-42A9-8884-94DE85E888A2} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 ThreadingModel Both HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd DisplayName df_kmd HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd ImagePath \??\C:\WINDOWS\System32\drivers\df_kmd.sys HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd ErrorControl 1 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd Start 1 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd Type 1 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd\Enum NextInstance 1 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd\Enum Count 1 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\df_kmd\Enum 0 Root\LEGACY_DF_KMD\0000 HKEY_CURRENT_USER\Software\WinSoftware HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_HIGH 33 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_LOW -2028888064 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_LOW -718020784 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_HIGH 29748353 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ScanFOF D:\Dokumente und Einstellungen\Franziska\Eigene Dateien HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings InstallDate 503908309 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings SaveRepairedFilesToPath C:\Programme\WinFixer 2005\Repaired HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings OverwriteAndBackupFilesToPath C:\Programme\WinFixer 2005\Backup HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings FirstRun 0 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_HIGH 29748337 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_LOW 296423248 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastScanErrorCount 1855 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TotalErrorCount 37896 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastStoredFile ...\Childrens - Cedarmont Kids - Action Bible Songs - This Little Light Of Mine (1).mp3 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings StoredFilesNum 2212 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ShowLastScanDlg 0 HKEY_CLASSES_ROOT\AppID\{25A3C995-10C8-474B-A167-99460AB4AB2B} HKEY_CLASSES_ROOT\AppID\{25A3C995-10C8-474B-A167-99460AB4AB2B} MMFixCtrl HKEY_CLASSES_ROOT\AppID\{287A2BAD-6590-4EFF-9BBC-494385664A73} HKEY_CLASSES_ROOT\AppID\{287A2BAD-6590-4EFF-9BBC-494385664A73} FixCore HKEY_CLASSES_ROOT\AppID\{290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\AppID\{290B5B73-4963-4BA1-9D2D-07CB566CB7FA} CompCleanCore HKEY_CLASSES_ROOT\AppID\{8C65AEF6-E413-4314-815B-82717A3F1603} HKEY_CLASSES_ROOT\AppID\{8C65AEF6-E413-4314-815B-82717A3F1603} CheckProduct2 HKEY_CLASSES_ROOT\AppID\{E8928E69-C050-42A9-8884-94DE85E888A2} HKEY_CLASSES_ROOT\AppID\{E8928E69-C050-42A9-8884-94DE85E888A2} FFWraper HKEY_CLASSES_ROOT\AppID\CheckProduct2.DLL HKEY_CLASSES_ROOT\AppID\CheckProduct2.DLL AppID {8C65AEF6-E413-4314-815B-82717A3F1603} HKEY_CLASSES_ROOT\AppID\compcln.dll HKEY_CLASSES_ROOT\AppID\compcln.dll AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\AppID\FFWraper.DLL HKEY_CLASSES_ROOT\AppID\FFWraper.DLL AppID {E8928E69-C050-42A9-8884-94DE85E888A2} HKEY_CLASSES_ROOT\AppID\FixCore.DLL HKEY_CLASSES_ROOT\AppID\FixCore.DLL AppID {287A2BAD-6590-4EFF-9BBC-494385664A73} HKEY_CLASSES_ROOT\AppID\MMFixCtrl.DLL HKEY_CLASSES_ROOT\AppID\MMFixCtrl.DLL AppID {25A3C995-10C8-474B-A167-99460AB4AB2B} HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B} HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CurVer CheckProduct2.CheckProduct.1 HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct CheckProduct Class HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1 HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B} HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1 CheckProduct Class HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306} HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 C:\Programme\WinFixer 2005\MMFix.dll HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 ThreadingModel Both HKEY_CLASSES_ROOT\CLSID\{08C71FB1-1E66-4D22-9F32-4C045A451306} PSFactoryBuffer HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46} HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 C:\Programme\WinFixer 2005\FixCore.dll HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\ProgID FixCore.MMFixCore.1 HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\TypeLib {FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64} HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46}\VersionIndependentProgID FixCore.MMFixCore HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46} MMFixCore Class HKEY_CLASSES_ROOT\CLSID\{1CDEB41B-905A-4183-AA20-26E075419B46} AppID {287A2BAD-6590-4EFF-9BBC-494385664A73} HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD} HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\ProgID CompCleanCore.SystemCleaner.1 HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD}\VersionIndependentProgID CompCleanCore.SystemCleaner HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD} SystemCleaner Class HKEY_CLASSES_ROOT\CLSID\{38EDB9E2-D7C4-4575-8905-FE65414FFEAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB} HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 C:\Programme\WinFixer 2005\MMFix.dll HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus\1 132497 HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\ProgID MMFixCtrl.CoFixEngine.1 HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\ToolboxBitmap32 C:\Programme\WinFixer 2005\MMFix.dll, 103 HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1} HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB}\VersionIndependentProgID MMFixCtrl.CoFixEngine HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB} CoFixEngine Class HKEY_CLASSES_ROOT\CLSID\{48349992-1402-4C67-B45B-2E619E641FDB} AppID {25A3C995-10C8-474B-A167-99460AB4AB2B} HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\ProgID CompCleanCore.CCQuickScan.1 HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\VersionIndependentProgID CompCleanCore.CCQuickScan HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} CCQuickScan Class HKEY_CLASSES_ROOT\CLSID\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\ProgID CompCleanCore.RegCleaner.1 HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\VersionIndependentProgID CompCleanCore.RegCleaner HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} RegCleaner Class HKEY_CLASSES_ROOT\CLSID\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\ProgID CompCleanCore.AppCleaner.1 HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\VersionIndependentProgID CompCleanCore.AppCleaner HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppCleaner Class HKEY_CLASSES_ROOT\CLSID\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238} HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\InprocServer32 C:\PROGRA~1\WINFIX~1\ffCom.dll HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\InprocServer32 ThreadingModel Both HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\ProgID FFCom.FlFixer HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\TypeLib {AD70AC89-F460-4E7E-B5A5-7EAF7E207736} HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{AA69BBFC-1D28-4960-8061-93C1BB156238} FlFixer Object HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 C:\Programme\WinFixer 2005\FFWraper.dll HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus 0 HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ProgID FFWraper.FFEnginWraper.1 HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ToolboxBitmap32 C:\Programme\WinFixer 2005\FFWraper.dll, 103 HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7} HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\Version 1.0 HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\VersionIndependentProgID FFWraper.FFEnginWraper HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} FFEnginWraper Class HKEY_CLASSES_ROOT\CLSID\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} AppID {E8928E69-C050-42A9-8884-94DE85E888A2} HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860} HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\ProgID CompCleanCore.InetCleaner.1 HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860}\VersionIndependentProgID CompCleanCore.InetCleaner HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860} InetCleaner Class HKEY_CLASSES_ROOT\CLSID\{B5E427F9-AB38-4348-9076-86870C2BE860} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\ProgID CompCleanCore.FileCleaner.1 HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\VersionIndependentProgID CompCleanCore.FileCleaner HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} FileCleaner Class HKEY_CLASSES_ROOT\CLSID\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B} HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 C:\Programme\Gemeinsame Dateien\WinSoftware\PCheck.dll HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 ThreadingModel Both HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\ProgID CheckProduct2.CheckProduct.1 HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\TypeLib {30ED49A5-CA6C-4918-B5F3-5E6818C91D8B} HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B}\VersionIndependentProgID CheckProduct2.CheckProduct HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B} CheckProduct Class HKEY_CLASSES_ROOT\CLSID\{C427B3E3-28DC-4001-9590-D99B6776119B} AppID {8C65AEF6-E413-4314-815B-82717A3F1603} HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 C:\Programme\WinFixer 2005\FixCore.dll HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 ThreadingModel Both HKEY_CLASSES_ROOT\CLSID\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} PSFactoryBuffer HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9} HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CurVer CompCleanCore.AppCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner AppCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9} HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1 AppCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CLSID {53ABACCB-434C-4756-A02B-8C2A3F29FB7D} HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CurVer CompCleanCore.CCQuickScan.1 HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan CCQuickScan Class HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan.1 HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan.1\CLSID {53ABACCB-434C-4756-A02B-8C2A3F29FB7D} HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan.1 CCQuickScan Class HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA} HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CurVer CompCleanCore.FileCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner FileCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA} HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1 FileCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CLSID {B5E427F9-AB38-4348-9076-86870C2BE860} HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CurVer CompCleanCore.InetCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner InetCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner.1\CLSID {B5E427F9-AB38-4348-9076-86870C2BE860} HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner.1 InetCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner\CLSID {66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner\CurVer CompCleanCore.RegCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner RegCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner.1\CLSID {66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} HKEY_CLASSES_ROOT\CompCleanCore.RegCleaner.1 RegCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner\CLSID {38EDB9E2-D7C4-4575-8905-FE65414FFEAD} HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner\CurVer CompCleanCore.SystemCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner SystemCleaner Class HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner.1\CLSID {38EDB9E2-D7C4-4575-8905-FE65414FFEAD} HKEY_CLASSES_ROOT\CompCleanCore.SystemCleaner.1 SystemCleaner Class HKEY_CLASSES_ROOT\FFCom.FlFixer HKEY_CLASSES_ROOT\FFCom.FlFixer\Clsid {AA69BBFC-1D28-4960-8061-93C1BB156238} HKEY_CLASSES_ROOT\FFCom.FlFixer FlFixer Object HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C} HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CurVer FFWraper.FFEnginWraper.1 HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper FFEnginWraper Class HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1 HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C} HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1 FFEnginWraper Class HKEY_CLASSES_ROOT\FixCore.MMFixCore HKEY_CLASSES_ROOT\FixCore.MMFixCore\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46} HKEY_CLASSES_ROOT\FixCore.MMFixCore\CurVer FixCore.MMFixCore.1 HKEY_CLASSES_ROOT\FixCore.MMFixCore MMFixCore Class HKEY_CLASSES_ROOT\FixCore.MMFixCore.1 HKEY_CLASSES_ROOT\FixCore.MMFixCore.1\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46} HKEY_CLASSES_ROOT\FixCore.MMFixCore.1 MMFixCore Class HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306} HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\NumMethods 21 HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\ProxyStubClsid32 {08C71FB1-1E66-4D22-9F32-4C045A451306} HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1} HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{08C71FB1-1E66-4D22-9F32-4C045A451306} IFixEngine HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900} HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\NumMethods 12 HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{1CE1C25B-F8B4-4974-99D2-5D4AE96B9900} IRegCleaner HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020} HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\TypeLib {B6625280-8CD8-4632-97C0-83CEC12A49A3} HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{35096C29-3507-4ABE-B6D8-C7CC881BE020} IDriverManipulate HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284} HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\TypeLib {B6625280-8CD8-4632-97C0-83CEC12A49A3} HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{38F743A2-210F-49DE-9B79-DCD501CED284} IReadWrite HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61} HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1} HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{3EEC290D-FC13-4C83-803D-4802651EEB61} _IFixEngineEvents HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B} HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\NumMethods 21 HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\ProxyStubClsid32 {08C71FB1-1E66-4D22-9F32-4C045A451306} HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1} HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{41A5BBF6-3C9D-4CF9-9A99-32DD37CC290B} IFileTitleDB HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398} HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\NumMethods 12 HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{4E4F38D9-8736-41AE-B192-E829AE194398} ISystemCleaner HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA} HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\TypeLib {30ED49A5-CA6C-4918-B5F3-5E6818C91D8B} HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{4F79D1C5-24F9-4E59-8022-604D4B41D5CA} ICheckProduct HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC} HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{66484903-09F4-4330-927D-1F6C214221AC} _ICompCleanCoreEvents HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F} HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\NumMethods 12 HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{7FA14AD6-D8E5-465F-9BD1-A37E26C1A74F} IAppCleaner HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F} HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\TypeLib {AD70AC89-F460-4E7E-B5A5-7EAF7E207736} HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{9E984934-CD94-4763-9DBC-618E483D4B7F} IFlFixerEvents HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C} HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\TypeLib {0E9F6AC0-A21A-4591-910F-E2C6F3CA094C} HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{B115BD8E-B008-46F4-B8B6-3405EB325C3C} _IDriveFixerEvents HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922} HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\NumMethods 10 HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{B9DFCF32-B679-4CAD-B7FC-518A48CE3922} IQScan2 HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\NumMethods 16 HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\ProxyStubClsid32 {CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\TypeLib {FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64} HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} IMMFixCore HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70} HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\NumMethods 9 HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{CBEEF194-EBC5-4758-9B51-AC34FC135E70} IQScan HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C} HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7} HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{CD3604CC-2B95-43EE-AFC9-E7444C21BE1C} IFFEnginWraper HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809} HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809}\NumMethods 5 HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{D21040FE-0A57-4FAB-8ED2-F0E653E55809} IAbortChecker HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100} HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\NumMethods 12 HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{D7A2488E-53E4-4EDD-AEAA-F24778BEB100} IInetCleaner HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7} HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\TypeLib {0E9F6AC0-A21A-4591-910F-E2C6F3CA094C} HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{D7A6DF8D-B6CF-4C27-8E99-ECA2CE370EA7} IDriveFixer HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\NumMethods 15 HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\ProxyStubClsid32 {F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} IFileCleaner HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A} HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\TypeLib {AD70AC89-F460-4E7E-B5A5-7EAF7E207736} HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{F6C1582E-B11C-4724-B8F6-240457EF1D2A} IFlFixer HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB} HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7} HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{FB787D5E-0C7C-4BAB-B45D-20325FB886DB} _IFFEnginWraperEvents HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine\CLSID {48349992-1402-4C67-B45B-2E619E641FDB} HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine\CurVer MMFixCtrl.CoFixEngine.1 HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine CoFixEngine Class HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine.1 HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine.1\CLSID {48349992-1402-4C67-B45B-2E619E641FDB} HKEY_CLASSES_ROOT\MMFixCtrl.CoFixEngine.1 CoFixEngine Class HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C} HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0\0\win32 C:\Programme\WinFixer 2005\df_fixer.dll HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0\HELPDIR C:\Programme\WinFixer 2005\ HKEY_CLASSES_ROOT\TypeLib\{0E9F6AC0-A21A-4591-910F-E2C6F3CA094C}\1.0 df_fixer 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B} HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0\0\win32 C:\Programme\Gemeinsame Dateien\WinSoftware\PCheck.dll HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0\HELPDIR C:\Programme\Gemeinsame Dateien\WinSoftware\ HKEY_CLASSES_ROOT\TypeLib\{30ED49A5-CA6C-4918-B5F3-5E6818C91D8B}\1.0 CheckProduct2 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7} HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0\0\win32 C:\Programme\WinFixer 2005\FFWraper.dll HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0\HELPDIR C:\Programme\WinFixer 2005\ HKEY_CLASSES_ROOT\TypeLib\{4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7}\1.0 FFWraper 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1} HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0\0\win32 C:\Programme\WinFixer 2005\MMFix.dll HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0\HELPDIR C:\Programme\WinFixer 2005\ HKEY_CLASSES_ROOT\TypeLib\{6A077841-5016-42C8-92C8-F2D6B865BCD1}\1.0 MMFixCtrl 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736} HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0\0\win32 C:\Programme\WinFixer 2005\ffCom.dll HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0\HELPDIR C:\Programme\WinFixer 2005\ HKEY_CLASSES_ROOT\TypeLib\{AD70AC89-F460-4E7E-B5A5-7EAF7E207736}\1.0 FFCom Library HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3} HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0\0\win32 C:\Programme\WinFixer 2005\df_proxy.dll HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0\HELPDIR C:\Programme\WinFixer 2005\ HKEY_CLASSES_ROOT\TypeLib\{B6625280-8CD8-4632-97C0-83CEC12A49A3}\1.0 df_proxy 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0\0\win32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0\HELPDIR C:\Programme\WinFixer 2005\ HKEY_CLASSES_ROOT\TypeLib\{F458ADAE-D53B-4859-B99F-9FA127791278}\1.0 WinSoftware Computer Cleaner core 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64} HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0\0\win32 C:\Programme\WinFixer 2005\FixCore.dll HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0\HELPDIR C:\Programme\WinFixer 2005\ HKEY_CLASSES_ROOT\TypeLib\{FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64}\1.0 FixCore 1.0 Type Library HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\df_kmd.sys HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\df_kmd.sys Driver HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\df_kmd.sys HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\df_kmd.sys Driver HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 ThreadingModel Both HKEY_CLASSES_ROOT\CLSID\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} PSFactoryBuffer PWS-Banker Password Stealer more information... Status: Deleted Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78364D99-A640-4ddf-B91A-67EFF8373045} Winfixer Potentially Unwanted Software more information... Details: Winfixer is known to be installed through inappropriate bundling and without users consent. It is a software that scans the users system for damaged files and attempts to fix it if the user pays a fee. Status: Deleted Infected registry entries detected HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CLSID {B5E427F9-AB38-4348-9076-86870C2BE860} HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner\CurVer CompCleanCore.InetCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.InetCleaner InetCleaner Class HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860} HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\ProgID CompCleanCore.InetCleaner.1 HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860}\VersionIndependentProgID CompCleanCore.InetCleaner HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860} InetCleaner Class HKEY_CLASSES_ROOT\clsid\{B5E427F9-AB38-4348-9076-86870C2BE860} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CLSID {53ABACCB-434C-4756-A02B-8C2A3F29FB7D} HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan\CurVer CompCleanCore.CCQuickScan.1 HKEY_CLASSES_ROOT\CompCleanCore.CCQuickScan CCQuickScan Class HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB} HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 C:\Programme\WinFixer 2005\MMFix.dll HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus\1 132497 HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\MiscStatus 0 HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\ProgID MMFixCtrl.CoFixEngine.1 HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\ToolboxBitmap32 C:\Programme\WinFixer 2005\MMFix.dll, 103 HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\TypeLib {6A077841-5016-42C8-92C8-F2D6B865BCD1} HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\Version 1.0 HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB}\VersionIndependentProgID MMFixCtrl.CoFixEngine HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB} CoFixEngine Class HKEY_CLASSES_ROOT\clsid\{48349992-1402-4C67-B45B-2E619E641FDB} AppID {25A3C995-10C8-474B-A167-99460AB4AB2B} HKEY_CLASSES_ROOT\df_fixer.Fixer.1 HKEY_CLASSES_ROOT\df_fixer.Fixer.1\CLSID {538BC8F3-2E1E-4D2D-A261-158DF6E9B407} HKEY_CLASSES_ROOT\df_fixer.Fixer.1 CFixer Object HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B} HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct\CurVer CheckProduct2.CheckProduct.1 HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct CheckProduct Class HKEY_CLASSES_ROOT\FixCore.MMFixCore.1 HKEY_CLASSES_ROOT\FixCore.MMFixCore.1\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46} HKEY_CLASSES_ROOT\FixCore.MMFixCore.1 MMFixCore Class HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 C:\Programme\WinFixer 2005\FixCore.dll HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1}\InProcServer32 ThreadingModel Both HKEY_CLASSES_ROOT\clsid\{CAE8A9B1-ABBD-4159-A485-1DA045A5D4A1} PSFactoryBuffer HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9} HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner.1 AppCleaner Class HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\ProgID CompCleanCore.CCQuickScan.1 HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D}\VersionIndependentProgID CompCleanCore.CCQuickScan HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} CCQuickScan Class HKEY_CLASSES_ROOT\clsid\{53ABACCB-434C-4756-A02B-8C2A3F29FB7D} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Security Security HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum 0 Root\LEGACY_DF_KMD\0000 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum Count 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum NextInstance 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd\Enum INITSTARTFAILED 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd Type 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd Start 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd ErrorControl 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd ImagePath \??\C:\WINDOWS\system32\drivers\df_kmd.sys HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\df_kmd DisplayName df_kmd HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1 HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C} HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper.1 FFEnginWraper Class HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46} HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 C:\Programme\WinFixer 2005\FixCore.dll HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\ProgID FixCore.MMFixCore.1 HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\TypeLib {FC76A5B8-DB35-4F3E-8B9A-BF0EEA098D64} HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46}\VersionIndependentProgID FixCore.MMFixCore HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46} MMFixCore Class HKEY_CLASSES_ROOT\clsid\{1CDEB41B-905A-4183-AA20-26E075419B46} AppID {287A2BAD-6590-4EFF-9BBC-494385664A73} HKEY_CLASSES_ROOT\df_proxy.DriverManipulate.1 HKEY_CLASSES_ROOT\df_proxy.DriverManipulate.1\CLSID {84C43108-013C-4513-8578-F50080B9C9D0} HKEY_CLASSES_ROOT\df_proxy.DriverManipulate.1 CDriverManipulate Object HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA} HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner\CurVer CompCleanCore.FileCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner FileCleaner Class HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1 HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1\CLSID {C427B3E3-28DC-4001-9590-D99B6776119B} HKEY_CLASSES_ROOT\CheckProduct2.CheckProduct.1 CheckProduct Class HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306} HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 C:\Programme\WinFixer 2005\MMFix.dll HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306}\InProcServer32 ThreadingModel Both HKEY_CLASSES_ROOT\clsid\{08C71FB1-1E66-4D22-9F32-4C045A451306} PSFactoryBuffer HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\ProgID CompCleanCore.FileCleaner.1 HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA}\VersionIndependentProgID CompCleanCore.FileCleaner HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} FileCleaner Class HKEY_CLASSES_ROOT\clsid\{C0BC364F-AB33-4778-8047-5A2148E0ECDA} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CLSID {9CC1BE04-3B42-4442-9A46-77E8BC1108F9} HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner\CurVer CompCleanCore.AppCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.AppCleaner AppCleaner Class HKEY_CURRENT_USER\Software\WinSoftware HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_HIGH 33 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_TIMEOUT_LOW -2028888064 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_LOW -718020784 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TARGET_TIME_HIGH 29748353 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ScanFOF D:\Dokumente und Einstellungen\Franziska\Eigene Dateien HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings InstallDate 503908309 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings SaveRepairedFilesToPath C:\Programme\WinFixer 2005\Repaired HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings OverwriteAndBackupFilesToPath C:\Programme\WinFixer 2005\Backup HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings FirstRun 0 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_HIGH 29748337 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LAST_SCAN_LOW 296423248 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastScanErrorCount 1855 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings TotalErrorCount 37896 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings LastStoredFile ...\Childrens - Cedarmont Kids - Action Bible Songs - This Little Light Of Mine (1).mp3 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings StoredFilesNum 2212 HKEY_CURRENT_USER\Software\WinSoftware\WinFixer 2005\Settings ShowLastScanDlg 0 HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\ProgID CompCleanCore.AppCleaner.1 HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9}\VersionIndependentProgID CompCleanCore.AppCleaner HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppCleaner Class HKEY_CLASSES_ROOT\clsid\{9CC1BE04-3B42-4442-9A46-77E8BC1108F9} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 C:\Programme\WinFixer 2005\FFWraper.dll HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\MiscStatus 0 HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ProgID FFWraper.FFEnginWraper.1 HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\ToolboxBitmap32 C:\Programme\WinFixer 2005\FFWraper.dll, 103 HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\TypeLib {4DCEEA42-794D-4855-9ECC-20DCF5F4FEA7} HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\Version 1.0 HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C}\VersionIndependentProgID FFWraper.FFEnginWraper HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} FFEnginWraper Class HKEY_CLASSES_ROOT\clsid\{B096A483-0ABD-4AF0-856A-CAD36145AF5C} AppID {E8928E69-C050-42A9-8884-94DE85E888A2} HKEY_CLASSES_ROOT\df_proxy.DriverManipulate HKEY_CLASSES_ROOT\df_proxy.DriverManipulate\CLSID {84C43108-013C-4513-8578-F50080B9C9D0} HKEY_CLASSES_ROOT\df_proxy.DriverManipulate\CurVer df_proxy.DriverManipulate.1 HKEY_CLASSES_ROOT\df_proxy.DriverManipulate CDriverManipulate Object HKEY_CLASSES_ROOT\df_fixer.Fixer HKEY_CLASSES_ROOT\df_fixer.Fixer\CLSID {538BC8F3-2E1E-4D2D-A261-158DF6E9B407} HKEY_CLASSES_ROOT\df_fixer.Fixer\CurVer df_fixer.Fixer.1 HKEY_CLASSES_ROOT\df_fixer.Fixer CFixer Object HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\ProgID CompCleanCore.RegCleaner.1 HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\TypeLib {F458ADAE-D53B-4859-B99F-9FA127791278} HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD}\VersionIndependentProgID CompCleanCore.RegCleaner HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} RegCleaner Class HKEY_CLASSES_ROOT\clsid\{66A9C4D0-BC54-4841-8FAA-DB98CBB77BAD} AppID {290B5B73-4963-4BA1-9D2D-07CB566CB7FA} HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 C:\Programme\WinFixer 2005\compcln.dll HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47}\InProcServer32 ThreadingModel Both HKEY_CLASSES_ROOT\clsid\{F41C1430-CFDE-4AD3-B38D-7890F0843E47} PSFactoryBuffer HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1 HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1\CLSID {C0BC364F-AB33-4778-8047-5A2148E0ECDA} HKEY_CLASSES_ROOT\CompCleanCore.FileCleaner.1 FileCleaner Class HKEY_CLASSES_ROOT\FixCore.MMFixCore HKEY_CLASSES_ROOT\FixCore.MMFixCore\CLSID {1CDEB41B-905A-4183-AA20-26E075419B46} HKEY_CLASSES_ROOT\FixCore.MMFixCore\CurVer FixCore.MMFixCore.1 HKEY_CLASSES_ROOT\FixCore.MMFixCore MMFixCore Class HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CLSID {B096A483-0ABD-4AF0-856A-CAD36145AF5C} HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper\CurVer FFWraper.FFEnginWraper.1 HKEY_CLASSES_ROOT\FFWraper.FFEnginWraper FFEnginWraper Class HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B} HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 C:\Programme\Gemeinsame Dateien\WinSoftware\PCheck.dll HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\InprocServer32 ThreadingModel Both HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\ProgID CheckProduct2.CheckProduct.1 HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\TypeLib {30ED49A5-CA6C-4918-B5F3-5E6818C91D8B} HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B}\VersionIndependentProgID CheckProduct2.CheckProduct HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B} CheckProduct Class HKEY_CLASSES_ROOT\clsid\{C427B3E3-28DC-4001-9590-D99B6776119B} AppID {8C65AEF6-E413-4314-815B-82717A3F1603} HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0} HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0}\InprocServer32 C:\Programme\WinFixer 2005\df_proxy.dll HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0}\InprocServer32 ThreadingModel free HKEY_CLASSES_ROOT\clsid\{84C43108-013C-4513-8578-F50080B9C9D0}\ProgID df_proxy. |
|
|
||
06.12.2006, 19:25
Ehrenmitglied
Beiträge: 29434 |
#14
gut, das wollte ich sehen
arbeite dennoch das obrige ab __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
06.12.2006, 19:30
Member
Themenstarter Beiträge: 15 |
#15
Also mal wieder vielen Dank! Ich hab jetzt noch einen Termin, werde aber morgen früh wieder da sein... Der Bildschirm ist wieder normal und das war mal die Hauptsache! Hier noch den Report vom Regsearch:
REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 06.12.2006 19:30:01 for strings: ; 'df_kmd.sys' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log... Dieser Beitrag wurde am 06.12.2006 um 19:33 Uhr von dj_orgie editiert.
|
|
|
||
Meine Freundin hat auf ihrem Computer Desktop ständig die Meldung "Spyware Infection" in rot, auf einem schwarzen Hintergrund mit Blauem Rahmen. "Your System is infected with spyware. Windows recommends you to use a spyware removal tool to prevent loss of important data,..."
Beim Hochfahren kommt kurz das eigentliche Hintergrundbild und dann die Meldung, welche nicht mehr weg geht. Im Prinzip funktioniert der Computer, aber der hässliche Hintergrund nervt schon ein wenig^^
Auf dem Computer meiner Freundin ist Wartung und Update ein Fremdwort. Aber trotz allem hat sie warum auch immer diverse Programme installiert:
TuneUp und Norton Utilities, Spybot, Winfixer 2005, DATA Becker und noch Antivir... Das wären die Programme, die vielleicht der Auslöser des Problems sein könnten... Aber sie hat noch viel mehr drauf. Ich persönlich würde behaupten, dass da zu viel Müll drauf ist. Allein mit CleanUP hab ich über 2GB temporäre Dateien gelöscht...
Was ich noch gesehen habe war ein "Programm" das Zango heißt und mit dem man so Javagames oder ähnliches runterladen kann.
Hat jemand Hilfe??
HiJack sagt das:
Logfile of HijackThis v1.99.1
Scan saved at 13:33:11, on 03.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\AVPersonal\AVSCHED32.EXE
C:\Programme\QuickTime\qttask.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-COM\T-COM WLAN Manager T-Sinus 154data\Installer\WINXP\DTUSB11GMonitor.exe
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\oodag.exe
C:\Programme\Speed Disk\nopdb.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Dokumente und Einstellungen\Franziska\Desktop\Wartung\Neuer Ordner\hijackthis_199\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;10.*;*.bwl.de
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O1 - Hosts: 69.64.35.177 auto.search.msn.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - (no file)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6EF2B03F-36B0-47F2-AC9C-B20C9C3A72B3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {78364D99-A640-4ddf-B91A-67EFF8373045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSCHED32.EXE /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [zango] "c:\programme\zango\zango.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: T-COM WLAN Manager T-Sinus 154data.lnk = C:\Programme\T-COM\T-COM WLAN Manager T-Sinus 154data\Installer\WINXP\DTUSB11GMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {00000000-7777-0704-0B53-2C8830E9FAEC} - http://gn.one2bill.de/soft/axload.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107711238131
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} - http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.serviceurl.de/InstallationsAssistent.ocx
O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\Programme\Speed Disk\nopdb.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe