Begin2Search - AdWare.Beginto.c - HotSearchBar
HijackThis
O2 - BHO: ohb - {8037F7F0-80B6-453A-A7CB-5371A4A09BB8} - C:\WINDOWS\System32\nss41.dll
O2 - BHO: ohb - {8037F7F0-80B6-453A-A7CB-5371A4A09BB8} - C:\WINDOWS\System32\nsz12A.dll
O2 - BHO: ohb - {8037F7F0-80B6-453A-A7CB-5371A4A09BB8} - C:\WINDOWS\system32\nsd4.dll
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\system32\nsn274.dll
O2 - BHO: SSL encrypt - {0B6899B6-1564-43e0-BD93-F7CF930A5E5C} - C:\WINDOWS\System32\nsv20D3.dll
O2 - BHO: RieMon Class - {70F6A776-579A-4C95-BA88-134253907752} - C:\WINDOWS\System32\irsmwncv.dll
O2 - BHO: IRiras Class - {95C60327-8E17-44D6-98EB-7EB70CC606DD} - C:\WINDOWS\System32\irasvmxv.dll
O2 - BHO: ohb - {9ADE0443-2AB2-4B23-A3F8-AC520773DE12} - C:\WINDOWS\System32\nsp10B8.dll
O4 - HKCU\..\Run: [irassync] C:\WINDOWS\System32\irasyncd.exe
O4 - HKCU\..\Run: [irssyncd] C:\WINDOWS\System32\irssyncd.exe
HKU\S-1-5-21-448539723-1563985344-839522115-1004\Software\
Microsoft\Windows\CurrentVersion\Ext\Stats\{8037F7F0-80B6-453A-A7CB-5371A4A09BB8} -> Adware.Begin2Search :
ewido
C:\WINDOWS\system32\nsk43.dll -> AdWare.Beginto.c
C:\WINDOWS\system32\nsa5D.dll -> Adware.HotSearchBar
C:\WINDOWS\system32\nsa60.dll -> Adware.HotSearchBar
C:\WINDOWS\system32\nsaF8.dll -> Adware.HotSearchBar
C:\WINDOWS\system32\free stuff (11)1.ico
C:\WINDOWS\system32\body41231.ico
C:\WINDOWS\system32\babe4123.ico
C:\WINDOWS\system32\pc8121.ico
C:\WINDOWS\system32\free stuff (9)1212.ico
C:\WINDOWS\system32\stopspywaddrdde1.ico
C:\WINDOWS\system32\adult (2)ddxad123.ico
C:\WINDOWS\system32\free stuff (2).ico
C:\WINDOWS\system32\tangerine123.ico
C:\WINDOWS\system32\babe41231.ico
C:\WINDOWS\system32\pc812123.ico
C:\WINDOWS\system32\free stuff (9)121.ico
C:\WINDOWS\system32\stopspywaddrdde11.ico
C:\WINDOWS\system32\adult (2)ddxad1231.ico
C:\WINDOWS\system32\free stuff (2)1.ico
C:\WINDOWS\system32\sexy girls dating (11)xx123.ico
C:\WINDOWS\system32\sexy girls dating (1)xdda123d1.ico
C:\WINDOWS\system32\hotbabe41231.ico
C:\WINDOWS\system32\ecreditcard121.ico
C:\WINDOWS\system32\gambling (12)asd.ico
C:\WINDOWS\system32\popup blockerxxasxa123d.ico
C:\WINDOWS\system32\spyware killerxx123.ico
C:\WINDOWS\system32\babeddd6123asd1.ico
C:\WINDOWS\system32\dessert recipes (6).ico
C:\WINDOWS\system32\babeasdasd412312345.ico
C:\WINDOWS\system32\sexy girls dating (10)asd.ico
C:\WINDOWS\system32\babeddd6123123.ico
C:\WINDOWS\system32\spyware killer (39)xad.ico
C:\WINDOWS\system32\fns-popup blockerddxad12.ico
C:\WINDOWS\system32\AuxDrv32b_g.oxc
C:\WINDOWS\system32\SndDrv32a_g.oxc
C:\WINDOWS\system32\paytime.exe
C:\WINDOWS\secure32.html
C:\WINDOWS\soft.exe
C:\Programme\AdvancedSearchbar\advancedsearchbar.dll
C:\WINDOWS\System32\nsz12A.dll
C:\WINDOWS\System32\nsz12A.dll
C:\WINDOWS\System32\nsk43.dll
C:\WINDOWS\System32\nsk3F.dll
C:\WINDOWS\System32\nsk11.dll
C:\WINDOWS\System32\nsj5CF.dll
C:\WINDOWS\System32\nsj508.dll
C:\WINDOWS\System32\nsiE9.dll
C:\WINDOWS\System32\nsa60.dll
C:\WINDOWS\System32\nsf15C.dll
C:\WINDOWS\System32\nsaF8.dll
C:\WINDOWS\System32\nsl5A5.dll
C:\WINDOWS\System32\nsi5FA.dll
C:\WINDOWS\System32\nslAA.dll
C:\WINDOWS\System32\nslB8.dll
C:\WINDOWS\System32\nslBA.dll
C:\WINDOWS\System32\nsm5E5.dll
C:\WINDOWS\System32\nsm5F.dll
C:\WINDOWS\System32\nseC9.dll
C:\WINDOWS\System32\nse144.dll
C:\WINDOWS\System32\nsnBE.dll
C:\WINDOWS\System32\nsnE.dll
C:\WINDOWS\System32\nsl58B.dll
C:\WINDOWS\System32\nso133.dll
C:\WINDOWS\System32\nsi145.dll
C:\WINDOWS\System32\nsoB.dll
C:\WINDOWS\System32\nsp173.dll
C:\WINDOWS\System32\nsp48.dll
C:\WINDOWS\System32\nsp521.dll
C:\WINDOWS\System32\nsp5BA.dll
C:\WINDOWS\System32\nsqDF.dll
C:\WINDOWS\System32\nsr47.dll
C:\WINDOWS\System32\nss187.dll
C:\WINDOWS\System32\nss4BA.dll
C:\WINDOWS\System32\nss94.dll
|
C:\WINDOWS\System32\nssEC.dll
C:\WINDOWS\System32\nst175.dll
C:\WINDOWS\System32\nst4D8.dll
C:\WINDOWS\System32\nsu1C6.dll
C:\WINDOWS\System32\nsu6B.dll
C:\WINDOWS\System32\nsu7E.dll
C:\WINDOWS\System32\nsd55.dll
C:\WINDOWS\System32\nsuB5.dll
C:\WINDOWS\System32\nsv29.dll
C:\WINDOWS\System32\nsh110.dll
C:\WINDOWS\System32\nsv51F.dll
C:\WINDOWS\System32\nsv560.dll
C:\WINDOWS\System32\nsv58D.dll
C:\WINDOWS\System32\nsvA6.dll
C:\WINDOWS\System32\nsw24.dll
C:\WINDOWS\System32\nsw4A5.dll
C:\WINDOWS\System32\nsc15F.dll
C:\WINDOWS\System32\nsy57F.dll
C:\WINDOWS\System32\nsyF0.dll
C:\WINDOWS\System32\nsyF5.dll
C:\WINDOWS\System32\nsz12A.dll
C:\WINDOWS\System32\nsz612.dll
C:\WINDOWS\System32\nsu80.dll
C:\WINDOWS\System32\nso627.dll
C:\WINDOWS\System32\nsg4F2.dll
C:\WINDOWS\System32\psnsti.exe
|
datfindbat
Verzeichnis von C:\WINDOWS\system32
17.02.2006 19:16 21.643 FFASTLOG.TXT
17.02.2006 19:09 35.864 vsconfig.xml
17.02.2006 18:53 2.238 free stuff (11)1.ico
17.02.2006 18:53 3.262 body41231.ico
17.02.2006 18:53 2.238 babe4123.ico
17.02.2006 18:53 2.238 pc8121.ico
17.02.2006 18:53 2.238 free stuff (9)1212.ico
17.02.2006 18:53 2.238 stopspywaddrdde1.ico
17.02.2006 18:53 2.238 adult (2)ddxad123.ico
17.02.2006 18:53 3.638 free stuff (2).ico
14.02.2006 17:12 3.638 tangerine123.ico
11.02.2006 00:52 2.238 babe41231.ico
11.02.2006 00:52 2.238 pc812123.ico
11.02.2006 00:52 2.238 free stuff (9)121.ico
11.02.2006 00:52 2.238 stopspywaddrdde11.ico
11.02.2006 00:52 2.238 adult (2)ddxad1231.ico
11.02.2006 00:52 3.638 free stuff (2)1.ico
10.02.2006 20:49 2.238 sexy girls dating (11)xx123.ico
10.02.2006 20:49 2.238 sexy girls dating (1)xdda123d1.ico
10.02.2006 20:49 4.286 hotbabe41231.ico
09.02.2006 20:43 10.134 ecreditcard121.ico
06.02.2006 11:06 2.238 gambling (12)asd.ico
30.01.2006 19:03 2.238 popup blockerxxasxa123d.ico
30.01.2006 19:03 2.238 spyware killerxx123.ico
29.12.2005 17:04 2.238 babeddd6123asd1.ico
29.12.2005 17:04 3.638 dessert recipes (6).ico
29.12.2005 17:04 2.238 babeasdasd412312345.ico
29.12.2005 17:04 2.238 sexy girls dating (10)asd.ico
29.12.2005 17:04 2.238 babeddd6123123.ico
29.12.2005 17:04 2.238 spyware killer (39)xad.ico
29.12.2005 17:04 2.238 fns-popup blockerddxad12.ico
27.12.2005 23:57 41 AuxDrv32b_g.oxc
27.12.2005 23:57 41 SndDrv32a_g.oxc
27.12.2005 23:41 0 paytime.exe
29.11.2005 08:24 151.552 nsk43.dll
29.11.2005 08:24 151.552 nsk3F.dll
29.11.2005 08:24 151.552 nsk11.dll
29.11.2005 08:24 151.552 nsj5CF.dll
29.11.2005 08:24 151.552 nsj508.dll
29.11.2005 08:24 151.552 nsiE9.dll
29.11.2005 08:24 151.552 nsa60.dll
29.11.2005 08:24 151.552 nsf15C.dll
29.11.2005 08:24 151.552 nsz12A.dll
29.11.2005 08:24 151.552 nsz612.dll
29.11.2005 08:24 151.552 nsu80.dll
29.11.2005 08:24 151.552 nso627.dll
29.11.2005 08:24 151.552 nsg4F2.dll
26.11.2005 13:06 167.936 psnsti.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run vig1u9mh
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls c:\windows\system32\winb2s32.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\0cj9lp4k
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\richeditor
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\wfx5_is1
HKEY_CURRENT_USER\Software\aaa_soft
HKEY_LOCAL_MACHINE\software\riched
HKEY_LOCAL_MACHINE\software\winsoftware\winfixer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run iynndll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run iynnenc
HKEY_CLASSES_ROOT\{0e9f6ac0-a21a-4591-910f-e2c6f3ca094c}
HKEY_CLASSES_ROOT\appid\{25a3c995-10c8-474b-a167-99460ab4ab2b}
HKEY_CLASSES_ROOT\appid\{287a2bad-6590-4eff-9bbc-494385664a73}
HKEY_CLASSES_ROOT\appid\{290b5b73-4963-4ba1-9d2d-07cb566cb7fa}
HKEY_CLASSES_ROOT\appid\{8c65aef6-e413-4314-815b-82717a3f1603}
HKEY_CLASSES_ROOT\appid\{e8928e69-c050-42a9-8884-94de85e888a2}
HKEY_CLASSES_ROOT\appid\checkproduct2.dll
HKEY_CLASSES_ROOT\appid\compcln.dll
HKEY_CLASSES_ROOT\appid\ffwraper.dll
HKEY_CLASSES_ROOT\appid\fixcore.dll
HKEY_CLASSES_ROOT\btnetw.amo
HKEY_CLASSES_ROOT\btnetw.amo.1
HKEY_CLASSES_ROOT\btnetw.iiittt
HKEY_CLASSES_ROOT\btnetw.iiittt.1
HKEY_CLASSES_ROOT\btnetw.momo
HKEY_CLASSES_ROOT\btnetw.momo.1
HKEY_CLASSES_ROOT\btnetw.ohb
HKEY_CLASSES_ROOT\btnetw.ohb.1
HKEY_CLASSES_ROOT\checkproduct2.checkproduct
HKEY_CLASSES_ROOT\checkproduct2.checkproduct.1
HKEY_CLASSES_ROOT\clsid\{07e9cdf4-20d2-46b1-b681-663968f527ce}
HKEY_CLASSES_ROOT\clsid\{08c71fb1-1e66-4d22-9f32-4c045a451306}
HKEY_CLASSES_ROOT\clsid\{0962da67-db64-465c-8cd7-cbb357caf825}
HKEY_CLASSES_ROOT\clsid\{09c14745-90fd-42d1-9276-4924d7dbc274}
HKEY_CLASSES_ROOT\clsid\{09d98db3-217f-4a37-950f-7fa1b08ce2b6}\programmable
HKEY_CLASSES_ROOT\clsid\{1cdeb41b-905a-4183-aa20-26e075419b46}
HKEY_CLASSES_ROOT\clsid\{22b720c7-5fa6-40a8-9f8f-8584bf669690}
HKEY_CLASSES_ROOT\clsid\{356b2bd0-d206-4e21-8c85-c6f49409c6a9}
HKEY_CLASSES_ROOT\clsid\{38edb9e2-d7c4-4575-8905-fe65414ffead}
HKEY_CLASSES_ROOT\clsid\{48349992-1402-4c67-b45b-2e619e641fdb}
HKEY_CLASSES_ROOT\clsid\{486145b0-37d1-428b-b3e1-26d26f690c79}
HKEY_CLASSES_ROOT\clsid\{4d568f0f-8ac9-40ab-88b7-415134c78777}
HKEY_CLASSES_ROOT\clsid\{52add86d-9561-4c40-b561-4204dbc139d1}
HKEY_CLASSES_ROOT\clsid\{52fe5233-367c-4efb-bdd7-0be4d212c107}
HKEY_CLASSES_ROOT\clsid\{538bc8f3-2e1e-4d2d-a261-158df6e9b407}
HKEY_CLASSES_ROOT\clsid\{53abaccb-434c-4756-a02b-8c2a3f29fb7d}
HKEY_CLASSES_ROOT\clsid\{55be9f0d-6caf-4c3e-b125-5a13a8c9d0ec}\programmable
HKEY_CLASSES_ROOT\clsid\{6024fcd5-91fc-4dc7-8481-63eabd5051d8}
HKEY_CLASSES_ROOT\clsid\{62631e26-b5a1-4ac4-a3ae-1cb72c6819c5}
HKEY_CLASSES_ROOT\clsid\{66a9c4d0-bc54-4841-8faa-db98cbb77bad}
HKEY_CLASSES_ROOT\clsid\{7c5e5671-7a1d-4ae8-91f0-496adf2825f7} --> winb2s32.dl1
HKEY_CLASSES_ROOT\clsid\{8037f7f0-80b6-453a-a7cb-5371a4a09bb8}
HKEY_CLASSES_ROOT\clsid\{82f55658-ca6d-4754-b313-5dcaafa0bb42}
HKEY_CLASSES_ROOT\clsid\{84c43108-013c-4513-8578-f50080b9c9d0}
HKEY_CLASSES_ROOT\clsid\{999a06ff-10ef-4a29-8640-69e99882c26b}
HKEY_CLASSES_ROOT\clsid\{9ade0443-2ab2-4b23-a3f8-ac520773de12}
HKEY_CLASSES_ROOT\clsid\{9cc1be04-3b42-4442-9a46-77e8bc1108f9}
HKEY_CLASSES_ROOT\clsid\{aa69bbfc-1d28-4960-8061-93c1bb156238}
HKEY_CLASSES_ROOT\clsid\{b096a483-0abd-4af0-856a-cad36145af5c}
HKEY_CLASSES_ROOT\clsid\{b5e427f9-ab38-4348-9076-86870c2be860}
HKEY_CLASSES_ROOT\clsid\{bc54b24c-5a97-4c19-9181-8b8a05b2e931}
HKEY_CLASSES_ROOT\clsid\{bd9584ef-c28c-4f6d-8d49-0cee3c0e442f}
HKEY_CLASSES_ROOT\clsid\{c0bc364f-ab33-4778-8047-5a2148e0ecda}
HKEY_CLASSES_ROOT\clsid\{c427b3e3-28dc-4001-9590-d99b6776119b}
HKEY_CLASSES_ROOT\clsid\{c7888681-1a83-4c14-b9a5-95f91240b44f}
HKEY_CLASSES_ROOT\clsid\{c8186977-4d5e-4c2b-a5ab-98d59f05c610}
HKEY_CLASSES_ROOT\clsid\{cae8a9b1-abbd-4159-a485-1da045a5d4a1}
HKEY_CLASSES_ROOT\clsid\{cb5b2bc6-f957-4d8a-be67-83f3ec58ba01}
HKEY_CLASSES_ROOT\clsid\{d86f8319-7c7a-4f2c-927b-6fd286dc4371}
HKEY_CLASSES_ROOT\clsid\{e4776f3a-6936-4a9c-b2da-e57c239fd2f8}
HKEY_CLASSES_ROOT\clsid\{f41c1430-cfde-4ad3-b38d-7890f0843e47}
HKEY_CLASSES_ROOT\clsid\{f90b494e-39e5-497d-ae7e-72a2bdca76d3}
HKEY_CLASSES_ROOT\clsid\{ff81672f-13ff-401f-8662-6e895c564cc4}
HKEY_CLASSES_ROOT\compcleancore.appcleaner
HKEY_CLASSES_ROOT\df_fixer.fixer
HKEY_CLASSES_ROOT\df_fixer.fixer.1
HKEY_CLASSES_ROOT\df_proxy.drivermanipulate
HKEY_CLASSES_ROOT\df_proxy.drivermanipulate.1
HKEY_CLASSES_ROOT\ffcom.flfixer
HKEY_CLASSES_ROOT\ffwraper.ffenginwraper
HKEY_CLASSES_ROOT\ffwraper.ffenginwraper.1
HKEY_CLASSES_ROOT\fixcore.mmfixcore
HKEY_CLASSES_ROOT\fixcore.mmfixcore.1
HKEY_CLASSES_ROOT\interface\{018c5406-aee6-4a68-980f-2ceb1e9416fb}
HKEY_CLASSES_ROOT\interface\{02b577d5-2212-42f3-ad51-2f6a9ae43233}
HKEY_CLASSES_ROOT\trfdsk.amo
HKEY_CLASSES_ROOT\trfdsk.amo.1
HKEY_CLASSES_ROOT\trfdsk.iiittt
HKEY_CLASSES_ROOT\trfdsk.iiittt.1
HKEY_CLASSES_ROOT\trfdsk.momo
HKEY_CLASSES_ROOT\trfdsk.momo.1
HKEY_CLASSES_ROOT\trfdsk.ohb
HKEY_CLASSES_ROOT\trfdsk.ohb.1
HKEY_CLASSES_ROOT\typelib\{081de2f6-927b-4aa9-88c1-f531c9387383}
HKEY_CLASSES_ROOT\typelib\{0e9f6ac0-a21a-4591-910f-e2c6f3ca094c}
HKEY_CLASSES_ROOT\typelib\{30ed49a5-ca6c-4918-b5f3-5e6818c91d8b}
HKEY_CLASSES_ROOT\typelib\{33add70f-53ab-4f97-b4b6-997881820f6d}
HKEY_CLASSES_ROOT\typelib\{45782901-ba9f-422d-b231-bcb6487fac4b}
HKEY_CLASSES_ROOT\typelib\{4dceea42-794d-4855-9ecc-20dcf5f4fea7}
HKEY_CLASSES_ROOT\typelib\{4dfd0b10-93db-4d7e-9b34-3d92ca493be4}
HKEY_CLASSES_ROOT\typelib\{7812d585-c5f0-458e-9922-c9b4ebe837e8}
HKEY_CLASSES_ROOT\typelib\{ad70ac89-f460-4e7e-b5a5-7eaf7e207736}
HKEY_CLASSES_ROOT\typelib\{b6625280-8cd8-4632-97c0-83cec12a49a3}
HKEY_CLASSES_ROOT\typelib\{d4c89c18-b4f3-46a9-8800-e9e7a55afbd9}
HKEY_CLASSES_ROOT\typelib\{da15c9a2-c30a-4761-922a-5dfe7c9a1f67}
HKEY_CLASSES_ROOT\typelib\{f458adae-d53b-4859-b99f-9fa127791278}
HKEY_CLASSES_ROOT\typelib\{fc76a5b8-db35-4f3e-8b9a-bf0eea098d64}
HKEY_CLASSES_ROOT\winb2s.amo
HKEY_CLASSES_ROOT\zippyl.amo
HKEY_CURRENT_USER\clsid\{0962da67-db64-465c-8cd7-cbb357caf825}
HKEY_CURRENT_USER\clsid\{356b2bd0-d206-4e21-8c85-c6f49409c6a9}
HKEY_CURRENT_USER\clsid\{52add86d-9561-4c40-b561-4204dbc139d1}
HKEY_CURRENT_USER\clsid\{999a06ff-10ef-4a29-8640-69e99882c26b}
HKEY_CURRENT_USER\interface\{018c5406-aee6-4a68-980f-2ceb1e9416fb}
HKEY_CURRENT_USER\interface\{0a7fc040-f84a-4ad7-9439-798b6c0f861e}
HKEY_CURRENT_USER\interface\{32a9d21f-f510-44dc-9ea6-0456eda04668}
HKEY_CURRENT_USER\interface\{c93cc79d-02d5-45b0-be39-7f5b0e5dda31}
HKEY_CURRENT_USER\interface\{da4b919f-b757-4e32-8d79-dec5c2704c4b}
HKEY_CURRENT_USER\software\_dsktptr
HKEY_CURRENT_USER\Software\_rtneg
HKEY_CURRENT_USER\Software\_rtneg2
HKEY_CURRENT_USER\Software\_rtneg3
HKEY_CURRENT_USER\software\_rtneg4
HKEY_CURRENT_USER\software\_trgen
HKEY_CURRENT_USER\software\aaa_soft
HKU\S-1-5-21-3283773488-3818881915-2641975180-1003\Software\aaa_soft\kkkk
HKU\S-1-5-21-3283773488-3818881915-2641975180-1003\Software\aaa_soft\pppp
HKU\S-1-5-21-3283773488-3818881915-2641975180-1003\Software\aaa_soft\ssss
HKEY_CURRENT_USER\software\nsz1d.dll
HKEY_CURRENT_USER\Software\6w23hdcsgt
HKEY_CURRENT_USER\Software\_gpstool
HKEY_CURRENT_USER\Software\_dsktptr
HKEY_CURRENT_USER\Software\drelkge789AEF5
HKEY_CURRENT_USER\Software\RecordNRip
HKEY_CURRENT_USER\eeennn
HKEY_CURRENT_USER\trfdsk.iiittt
HKEY_LOCAL_MACHINE\clsid\{52add86d-9561-4c40-b561-4204dbc139d1}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distributionunits\{07e9cdf4-20d2-46b1-b681-663968f527ce} winb2s.dbi.1
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
{52fe5233-367c-4efb-bdd7-0be4d212c107
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\richedtr
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\richup
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{22b720c7-5fa6-40a8-9f8f-8584bf669690}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4d568f0f-8ac9-40ab-88b7-415134c78777}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{55be9f0d-6caf-4c3e-b125-5a13a8c9d0ec}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{8037f7f0-80b6-453a-a7cb-5371a4a09bb8}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{999a06ff-10ef-4a29-8640-69e99882c26b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/system32/winb2s32.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run emqvdm
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\winb2s.amo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D568F0F-8AC9-40AB-88B7-415134C78777} -> Spyware.Begin2Search
C:\WINDOWS\system32\reg6523.exe -> Spyware.Beginto
C:\WINDOWS\system32\winb2s32.dll -> Spyware.Beginto
reg6523.exe
winb2s32.dll
trgen[NUMBER].dll
winbbb.dat
rtneg[NUMBER].dll
# %System%\reg6523.exe
# %System%\winb2s32.dll
# %System%\winbbb.dat
# %System%\dsktrf.dll
# %System%\ns[RANDOM CHARACTERS].dll
# %System%\trgen[NUMBER].dll
# %System%\rtneg[NUMBER].dll
# %System%\gpstool.dll
# %System%\gwss.dll
# %Windir%\Downloaded Program Files\winb2s32.inf
# %System%\cache32
# %System%\b2s_cache
C:\Dokumente und Einstellungen\Username\Favoriten\
C:\Dokumente und Einstellungen\All Users\Startmenü\
* Download Free Movies.url
* Download Free Movies.url
* Download Free Music.url
* Download Movies.url
* Download MP3s.url
* Free Bose Stereo.url
* Free IBM Laptop.url
* Free IBM ThinkPad.url
* Free Platinum Card.url
* Free Poker.url
* Free Porn.url
* Free Sony PS3.url
* Free XBox 360.url
* Gambling Board.url
* Hot Sexy Mamma.url
* Kill All Spyware.url
* Kill Evidence.url
* Kill Spyware.url
* Kill Viruses.url
* Kmart Smart Card.url
* Online Sex.url
* Party Poker.url
* Play Bingo.url
* Popup Blocker.url
* Popup Killer.url
* Rate Me.url
* Rate My Body.url
* Record Music.url
* Remove Porn.url
* SexSearch.url
* Sexy Ringtones.url
* Spyware Killer.url
* Spyware Remover.url
* Virus Hunter.url
* YAHOOOOO!.url
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
"{52FE5233-367C-4EFB-BDD7-0BE4D212C107}"
HKEY_CURRENT_USER\software\microsoft\intenet explorer\new window\allow
"www.warezenergy.com"
"www.consoleunderground.com"
Begin2Search Toolbar
Counterspy
HKEY_CLASSES_ROOT\clsid\{BC54B24C-5A97-4C19-9181-8B8A05B2E931}
HKEY_CLASSES_ROOT\clsid\{BC54B24C-5A97-4C19-9181-8B8A05B2E931}\InprocServer32 C:\WINDOWS\System32\nsp10B8.dll
HKEY_CLASSES_ROOT\clsid\{C7888681-1A83-4C14-B9A5-95F91240B44F}
HKEY_CLASSES_ROOT\clsid\{C7888681-1A83-4C14-B9A5-95F91240B44F}\InprocServer32 C:\WINDOWS\System32\nsp10B8.dll
HKEY_CLASSES_ROOT\btnetw.iiittt.1
HKEY_CLASSES_ROOT\btnetw.amo
HKEY_CLASSES_ROOT\btnetw.momo
HKEY_CLASSES_ROOT\clsid\{BD9584EF-C28C-4F6D-8D49-0CEE3C0E442F}
HKEY_CLASSES_ROOT\Interface\{15D53B86-E055-43B1-BBEE-A91A0F37BD2A}
HKEY_CLASSES_ROOT\Interface\{F3C41C1D-22F1-4692-8A7A-88DE70A2E9E2}
HKEY_CLASSES_ROOT\Interface\{FA6FA7A5-2C49-4567-BA74-6DD1C36099EE}
HKEY_CLASSES_ROOT\TypeLib\{BF56BE6A-0AEA-45F3-8B10-7312876584A8}
HKEY_CLASSES_ROOT\Interface\{6B882C34-A832-4F5B-BEF1-7E198BE3F094}
HKEY_CLASSES_ROOT\Interface\{9B6B4031-1D6D-4C65-ACBA-021916853822}
HKEY_CLASSES_ROOT\Interface\{9FF60A27-0C0C-4A6A-A15F-B21B644D67BB}
-------------------------------
c:\dokumente und einstellungen\user\desktop\free ipod nano!.url
C:\WINDOWS\system32\nsg10B2.dll
datfindbat
C:\WINDOWS\system32\black_ipod.ico
C:\WINDOWS\system32\ipodnano.ico
C:\WINDOWS\system32\tv123.ico
C:\WINDOWS\system32\freegas1.ico
C:\WINDOWS\system32\ipod nano1.ico
C:\WINDOWS\system32\creditcard32123123123asdsa123.ico
C:\WINDOWS\system32\virushunter4.ico
C:\WINDOWS\system32\irssyncd.exe
C:\WINDOWS\system32\irismon.dll
C:\WINDOWS\system32\nsi6A3.dll
C:\WINDOWS\system32\nsm742.dll
C:\WINDOWS\system32\b2search.exe
C:\WINDOWS\system32\nsa6A6.dll
C:\WINDOWS\system32\nsi57F.dll
C:\WINDOWS\system32\irasyncd.exe
C:\WINDOWS\system32\irasvmxv.dll
C:\WINDOWS\system32\rastmon.dll
C:\WINDOWS\system32\msxml3a.dll
C:\WINDOWS\system32\nsc775.dll
C:\WINDOWS\system32\nsp66F.dll
|
