AOL software funktioniert nicht mehr...

S1l3nc3 · Nov 20, 2005

Seit heute funktioniert meine AOL software nicht mehr.

Ich bekomme folgende Meldung:
"AOL möchte jetzt die für den Verbindungsaufbau wichtigen Dateien installieren."
wenn ich auf "JA" klicke muss ich den pc neu starten und wenn ichs dann wieder versuche, kommt der fehler wieder!

hab im net ein tut gefunden, wo der selbe fehler dargestellt ist und gezeigt wird, wie man den behebt. aus dem schliese ich zwar, das der "WAN Miniport Treiber (ATW)" falsch installiert ist oder fehlt.
aber dieses tut funktioniert leider nicht...

ich hab mal verscuht den pc mit escan abzuscanen, doch ne minute nach dem beginn, bleibt das programm stehen, die zeit läuft weiter, aber gescannt wird nicht mehr, nach diesen fehlern:
Code:
Sun Nov 20 22:20:13 2005 => ***** Scanning Service Files *****
Sun Nov 20 22:20:13 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Sun Nov 20 22:20:24 2005 => ERROR!!! Invalid Entry system32\DRIVERS\Ms2KFlt.sys in SYSTEM\CurrentControlSet\Services\MouseCmn...
Sun Nov 20 22:20:28 2005 => ERROR!!! Invalid Entry \??\C:\DOKUME~1\Mark\LOKALE~1\Temp\nsysaudm.sys in SYSTEM\CurrentControlSet\Services\nsysaudm...
Sun Nov 20 22:20:28 2005 => ERROR!!! Invalid Entry \??\C:\PROGRAMME\nvc\BIN\nvcoafl51.sys in SYSTEM\CurrentControlSet\Services\nvcoafl51...
Sun Nov 20 22:20:28 2005 => ERROR!!! Invalid Entry \??\C:\PROGRAMME\nvc\BIN\nvcoaft51.sys in SYSTEM\CurrentControlSet\Services\nvcoaft51...
Sun Nov 20 22:20:28 2005 => ERROR!!! Invalid Entry \??\C:\PROGRAMME\nvc\BIN\nvcoarc51.sys in SYSTEM\CurrentControlSet\Services\nvcoarc51...
selsamerweise braucht aufeinmal der arbetsplatz sehr lange um die die festplatte etc anzuzeigen, der rest geht dann normal...

was mach ich falsch??

hier noch der hijackthis log falls der was bringt:

http://www.hijackthis.de/logfiles/c90ce77fe6db9584a350325e2353ab58.html

und äh, ich bekomme auch immer den hinweis "winfix" zu installieren :/

danke schonmal im vorraus!

----------------------------------------------------------------
Anmerkung der Moderation:

Bitte beim nächsten mal eine aussagekräftigere Überschrift wählen. Siehe auch http://www.pcwelt.de/forum/faq.php?faq=forum_rules#faq_forum_aussagekr%E4ftige%FCberschriften

Gruß
Nevok
----------------------------------------------------------------

ohmsl · Nov 21, 2005

Anscheinend ist ein Softwareupdate der AOL-Software nicht ordnungsgemäß erfolgt. Dann hilft nur eine Neuinstallation der AOL Software.

Hinsichtlich des Winfix Problem's gibt's hier im Forum schon einige Threads. Ein zusätzlicher scan mit Escan hilft hier evtl. auch.

S1l3nc3 · Nov 21, 2005

ohmsl said:

Anscheinend ist ein Softwareupdate der AOL-Software nicht ordnungsgemäß erfolgt. Dann hilft nur eine Neuinstallation der AOL Software.

Hinsichtlich des Winfix Problem's gibt's hier im Forum schon einige Threads. Ein zusätzlicher scan mit Escan hilft hier evtl. auch.
Click to expand...

muss ich aol komplett löschen und dann neuinstallieren, oder einfachso?
und zu escan. wie gesagt, es scan nach dem beschriebenen fehler einfach nciht weiter! da bringts auch cniht wenn ichs 10 mal versuche#

und danke jetzt schonmal für die hilfe :>

Jasager · Nov 21, 2005

Hallo,
ich schaue mal ob ich den Winfixer finde, ob das aber was mit der AOL Software zu tun weiß ich nicht.
Scanne dein System mal mit Counterspy wie hier beschrieben und poste das Log.

Grüße Wildone

ohmsl · Nov 21, 2005

Ich würde AOL vorher löschen.

S1l3nc3 · Nov 21, 2005

@jasager: der scan läuft grad, wenns fertig ist, editiere ich den post und kopiere es hier rein!

edit: also hier das logfile :

Code:

Spyware Scan Details
Start Date: 21.11.2005 14:24:18
End Date: 21.11.2005 15:28:15
Total Time: 1 hrs 3 mins 57 secs 

Detected spyware

Bullguard Popup Adware  more information...
Details: The BullGuard pop-up delivers advertisements to your computer for BullGuards anti-virus program.
Status: Deleted

Infected files detected
c:\windows.1\temp\bullguard\bulldownload.exe


AntiLeech Plugin Adware  more information...
Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software.
Status: Deleted

Infected files detected
c:\programme\anti-leech\setup.bat
c:\programme\anti-leech\inst.exe
c:\programme\anti-leech\npalnn.dll
c:\programme\anti-leech\alie.dll
c:\programme\anti-leech\al2np.dll
c:\programme\anti-leech\alie.inf
c:\programme\anti-leech\iesetup2.exe
c:\programme\anti-leech\alie\alie.dll
c:\programme\anti-leech\alie\al2np.dll
c:\programme\anti-leech\alie\alhlp.exe
c:\programme\anti-leech\alie\alie.inf
c:\programme\anti-leech\alie\iesetup2.exe
c:\programme\anti-leech\alie_1.0.1.8\alie.dll
c:\programme\anti-leech\alie_1.0.1.8\al2np.dll
c:\programme\anti-leech\alie_1.0.1.8\alhlp.exe
c:\programme\anti-leech\alie_1.0.1.8\alie.inf
c:\programme\anti-leech\alie_1.0.1.8\iesetup2.exe
c:\programme\anti-leech\alie_1.0.1.9\alie.dll
c:\programme\anti-leech\alie_1.0.1.9\al2np.dll
c:\programme\anti-leech\alie_1.0.1.9\alhlp.exe
c:\programme\anti-leech\alie_1.0.1.9\alie.inf
c:\programme\anti-leech\alie_1.0.1.9\iesetup2.exe
c:\programme\anti-leech\alie_1.0.2.1\alie.dll
c:\programme\anti-leech\alie_1.0.2.1\al2np.dll
c:\programme\anti-leech\alie_1.0.2.1\alhlp.exe
c:\programme\anti-leech\alie_1.0.2.1\alie.inf
c:\programme\anti-leech\alie_1.0.2.1\iesetup2.exe
C:\Dokumente und Einstellungen\Mark\Eigene Dateien\setups\ALPlugin-IEsetup.exe

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AntiLeech.ALIE.1 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AntiLeech.ALIE.1\CLSID {056738EE-E15C-11D6-B876-0050BF5D85C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AntiLeech.ALIE.1 Anti-Leech Plug-in
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AntiLeech.ALIE 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AntiLeech.ALIE\CLSID {056738EE-E15C-11D6-B876-0050BF5D85C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AntiLeech.ALIE\CurVer AntiLeech.ALIE.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AntiLeech.ALIE Anti-Leech Plug-in
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7} 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\InprocServer32 C:\PROGRA~1\ANTI-L~1\ALIE_1~1.1\alie.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\ProgID AntiLeech.ALIE.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\TypeLib {056738E1-E15C-11D6-B876-0050BF5D85C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7}\VersionIndependentProgID AntiLeech.ALIE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{056738EE-E15C-11D6-B876-0050BF5D85C7} Anti-Leech Plug-in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-Leech ALIE 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-Leech ALIE DisplayName Anti-Leech Plugin for Internet Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-Leech ALIE UninstallString C:\Programme\Anti-Leech\ALIE_1.0.2.1\iesetup2.exe uninstall


NetPumper Adware Bundler  more information...
Details: Bundles with a number of adware components such as cydoor, Save!, ClockSync, and WhenU Toolbar.
Status: Deleted

Infected files detected
c:\dokumente und einstellungen\mark\anwendungsdaten\netpumper\mark.ini

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper 
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free state 2
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free pkid 
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free alid rAvEx
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free iid {A7A9FB47-3196-4901-B7CB-E86F27D20B0C}
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro\Firstrun state 2
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro state 2
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro pkid 
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro alid wshawk
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\Pro iid {4673646C-9204-4653-BB31-50057827E494}
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper VersionInfo 
HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper VersionInfo1 
HKEY_CURRENT_USER\Software\NetPumper 
HKEY_CURRENT_USER\Software\NetPumper\Mark Field1 1272600846
HKEY_CURRENT_USER\Software\NetPumper\Mark Field2 753136461
HKEY_CURRENT_USER\Software\NetPumper\Mark Field3 731065927
HKEY_CURRENT_USER\Software\NetPumper\Mark Field4 822213809
HKEY_CURRENT_USER\Software\NetPumper\Mark PreferenceFile C:\Dokumente und Einstellungen\Mark\Anwendungsdaten\NetPumper\Mark.ini
HKEY_CURRENT_USER\Software\NetPumper\Mark cydoor? +W%03%17iN³Ò
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B} 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib Version 1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B} IAddUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9E33220-0B05-11D7-88D2-444553540000} 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib Version 1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9E33220-0B05-11D7-88D2-444553540000} IAddPackage


ViewPoint Beta Potential Privacy Risk  more information...
Details: ViewPoint Toolbar will hijack your search queries and also transmits non personally identifiable information back to their servers
Status: Deleted

Infected files detected
c:\programme\viewpoint\viewpoint manager\viewmgr.exe
c:\programme\viewpoint\viewpoint manager\read_me.txt
c:\programme\viewpoint\viewpoint manager\viewmgrinstaller.exe
c:\programme\viewpoint\viewpoint manager\viewcp.cpl
c:\programme\viewpoint\viewpoint manager\notifydata\header.gif
c:\programme\viewpoint\viewpoint manager\notifydata\no.gif
c:\programme\viewpoint\viewpoint manager\notifydata\options.ini
c:\programme\viewpoint\viewpoint manager\notifydata\updates.html
c:\programme\viewpoint\viewpoint manager\notifydata\yes.gif

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager DisplayName Viewpoint Manager (Remove Only)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager UninstallString C:\Programme\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager DisplayIcon C:\Programme\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe,0


MapQuest Toolbar Browser Plug-in  more information...
Details: Although the MapQuest Toolbar is not adware per say, some versions install other adware byproducts such as EUniverse, a known spyware program.
Status: Deleted

Infected files detected
c:\windows.1\downloaded program files\webp2pinstaller.dll


ClickAlchemy Adware  more information...
Details: Alchemy is an adware component that is related to Transponder and TwainTech Adware.
Status: Deleted

Infected files detected
c:\windows.1\alchem.ini


Twain Tech Adware  more information...
Details: Twain-Tech is an adware based Internet Explorer browser helper object that deliver targeted ads based on a users browsing patters. Twain-Tech does not provide any other relevant purpose other then to display pop-up ads.
Status: Deleted

Infected files detected
c:\windows.1\inf\alchem.inf
c:\windows.1\smdat32a.sys
c:\windows.1\smdat32m.sys


KaZaA P2P  more information...
Details: Kazaa is a Peer to Peer file sharing application that uses some adware advertising as well as installs a number of thrid party adware software on your computer.
Status: Ignored

Infected files detected
C:\WINDOWS.1\Temp\BullGuard\bulldownload.exe

Infected registry entries detected

HKEY_LOCAL_MACHINE\software\classes\clsid\{66fc8717-efa7-4546-8c4a-e224f3a80c76} 
HKEY_LOCAL_MACHINE\software\classes\clsid\{66fc8717-efa7-4546-8c4a-e224f3a80c76}\TreatAs {0494D0DB-F8E0-41ad-92A3-14154ECE70AC}
HKEY_LOCAL_MACHINE\software\classes\clsid\{66fc8717-efa7-4546-8c4a-e224f3a80c76} 


Web P2P Installer Trojan Downloader  more information...
Details: ActiveX drive by downloader.
Status: Deleted

Infected files detected
C:\WINDOWS.1\Downloaded Program Files\WebP2PInstaller.dll


AntivirusGold Potentially Unwanted Software  more information...
Status: Deleted

Infected files detected
C:\Dokumente und Einstellungen\Ifa\Lokale Einstellungen\Temp\nseF84.tmp\InstallOptions.dll


IST.ISTbar Browser Hijacker  more information...
Details: ISTbar is an Internet Explorer Hijacker, which modifies your homepages and searches without a users consent using an Internet Explorer toolbar.
Status: Deleted

Infected files detected
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP532\A0227174.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP535\A0228327.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP536\A0228566.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP536\A0228624.EXE
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP536\A0229564.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP561\A0242036.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP561\A0242985.exe

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc SlowInfoCache 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc Changed 0


Unclassified.Spyware.57 Spyware  more information...
Status: Deleted

Infected files detected
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP532\A0227175.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP536\A0229563.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP561\A0243022.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP561\A0246089.exe


eXact.Downloader Trojan Downloader  more information...
Details: Trojan used by eXact Bargain Buddy and Cash Back to download and install addtional components.
Status: Deleted

Infected files detected
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP532\A0227182.srg
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP535\A0228328.srg


Overnet Adware Bundler  more information...
Details: Overnet/eDonkey is a file sharing application that bundles third party adware and spyware with the free version.
Status: Deleted

Infected files detected
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP536\A0229758.dll
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP536\A0229759.dll


SurfAccuracy Adware  more information...
Status: Deleted

Infected files detected
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP562\A0247203.exe
C:\System Volume Information\_restore{E0174329-BA5C-4724-B34B-4C903E255F68}\RP562\A0247205.exe


Win Sniffer Password Hijacker  more information...
Details: Commercial software designed to steal Window's passwords.
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config 
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config Adapter \Device\{D5F5FE40-DD7C-44BC-BCFF-5057AFBFD284}
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config bHideHiddenNIC 1
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config bHideMinimize 1
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config bAutoCapture 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config bShowFailed 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config bLogFile 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Config cLogFile C:\Dokumente und Einstellungen\Mark\Eigene Dateien\Neuer Ordner\Win Sniffer\untitled.txt
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 BarID 59398
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 XPos 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 Docking 1
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUDockID 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUDockLeftPos 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUDockTopPos -1
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUDockRightPos 760
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUDockBottomPos 22
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUFloatStyle 8196
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUFloatXPos -2147483648
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar0 MRUFloatYPos 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 BarID 59392
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 XPos 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 YPos 22
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 Docking 1
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUDockID 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUDockLeftPos 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUDockTopPos 22
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUDockRightPos 350
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUDockBottomPos 48
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUFloatStyle 8196
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUFloatXPos -2147483648
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar1 MRUFloatYPos 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar2 
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar2 BarID 59393
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 BarID 59419
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 Bars 5
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 Bar#0 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 Bar#1 59398
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 Bar#2 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 Bar#3 59392
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Bar3 Bar#4 0
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Summary 
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Summary Bars 4
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Summary ScreenCX 1024
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Control Bar State-Summary ScreenCY 768
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Settings 
HKEY_CURRENT_USER\Software\Win Sniffer\Etherscan Password Sniffer\Settings Window Position 


IST.PowerScan Adware  more information...
Details: PowerScan is advertised through in ordinary web pop-ups, but recently it started to install with help from the the ISTBar adware.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main bandrest 
HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\Power Scan 
HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\Power Scan DisplayName Power Scan
HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\Power Scan UninstallString C:\Programme\Power Scan\uninstall.exe


IST.SideFind Adware  more information...
Details: SideFind installs an adware Internet Explorer browser helper object that installs some extra buttons.
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping {10e42047-deb9-4535-a118-b3f6ec39b807} 


Altnet P2P Networking Adware  more information...
Details: P2P Networking is a component that enables other applications to use adware based Peer-to-Peer functionality.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\software\classes\interface\{c91e8926-d4be-4685-99f4-0d996b96bac0} 


Cydoor.TOPicks Adware  more information...
Details: TOPicks is adware implemented as an Internet Explorer toolbar. TOPicks shows targeted links to sponsored sites.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\software\classes\interface\{fd42f6d3-7ab1-470c-979b-7996edc99099} 


IST.SlotchBar Toolbar  more information...
Details: An adware toolbar program for affiliates to distrubute on sites. Affiliates get paid per install of the toolbar.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc SlowInfoCache 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc Changed 0


eDonkey2000 P2P  more information...
Details: eDonkey2000 is a P2P file sharing program that bundles adware/spyware such as Webhancer, Web Search Toolbar and New.Net.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620} 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\InProcServer32 C:\Programme\Overnet\plugins\ed2kie.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\InProcServer32 ThreadingModel Both
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\ProgID eD2KDownloadManager.object.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\TypeLib {379919F2-1612-45B7-B9F4-773F6D5214F5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620}\VersionIndependentProgID eD2KDownloadManager.object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{320154BB-D666-48F6-990E-172B32954620} eD2K downloadManager object


Passware Kit Password Hijacker  more information...
Details: Passware Kit recovers all kinds of passwords for the world's most popular office application files, including Excel, Word, WinZip, Windows XP/2000/NT, Access, Outlook, Quicken, WordPerfect, VBA, 1-2-3, ACT!, Paradox, Organizer, Schedule, WordPro and more.
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Passware 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Passware Order 
HKEY_CURRENT_USER\Software\Passware 
HKEY_CURRENT_USER\Software\Passware\common\7 general 0 -
HKEY_CURRENT_USER\Software\Passware\RAR Key\7\common\mru dirs a C:\Dokumente und Einstellungen\Mark\Eigene Dateien\LeechEx\
HKEY_CURRENT_USER\Software\Passware\RAR Key\7\common\mru files a C:\Dokumente und Einstellungen\Mark\Eigene Dateien\LeechEx\aoe2.part01.rar
HKEY_CURRENT_USER\Software\Passware\RAR Key\7\demo\last charset +-+--
HKEY_CURRENT_USER\Software\Passware\RAR Key\7\demo\last brute-force + 1 7
HKEY_CURRENT_USER\Software\Passware\RAR Key\7\demo\last xieve + 4 9 0 1
HKEY_CURRENT_USER\Software\Passware\RAR Key\7\demo\last dictionary + 115++-+0C:\Dokumente und Einstellungen\Mark\demos\dict.txt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Passware 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Passware Order 


Adw.eXact.BargainBuddy Adware  more information...
Details: BargainBuddy is a Browser Helper Object that watches the pages your browser requests and the terms you enter into a search engine web form. If a term matches a preset list of sites or keywords, BargainBuddy will display an ad.
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA} 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\iexplore Type 3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\iexplore Count 6
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\iexplore Time 


YourSiteBar Spyware  more information...
Details: YourSiteBar from IST, the makers of numerous spyware threats, is an affiliate based marketing toolbar.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\clsid\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658} 
HKEY_CLASSES_ROOT\clsid\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}\InfFile 
HKEY_CLASSES_ROOT\clsid\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}\InprocServer32 C:\WINDOWS.1\Downloaded Program Files\ysbactivex.dll
HKEY_CLASSES_ROOT\clsid\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}\ProgID YSBactivex.Installer
HKEY_CLASSES_ROOT\clsid\{42F2C9BA-614F-47c0-B3E3-ECFD34EED658} Installer Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ysbactivex.installer 
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ysbactivex.installer\CLSID {42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ysbactivex.installer Installer Class
HKEY_CLASSES_ROOT\Ysbactivex.installer 
HKEY_CLASSES_ROOT\Ysbactivex.installer\CLSID {42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_CLASSES_ROOT\Ysbactivex.installer Installer Class
HKEY_CLASSES_ROOT\YSBactivex.Installer 
HKEY_CLASSES_ROOT\YSBactivex.Installer\CLSID {42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_CLASSES_ROOT\YSBactivex.Installer Installer Class


RealVNC Commercial Remote Control  more information...
Details: VNC (Virtual Network Computing) software makes it possible to view and fully-interact with one computer from any other computer or mobile device anywhere on the Internet.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\Software\ORL 


Accoona.Toolbar Toolbar  more information...
Details: The Accoona Toolbar is a Internet Explorer toolbar that is bundled and installed with other programs.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Package ID 400011
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant CommServer URL http://www.accoona.com/soap
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Content Type text/xml
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Search Assistant Tracking ID &utm_id=400011&utm_content=assist&utm_source=wdz&utm_medium=bund&utm_campaign=wdz0605
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Search Assistant URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Soap Action URL http://www.accoona.com/soap
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Updates Rate 1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant XMLNS http://search.accoona.com
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar\Components 1 {A12ACBAD-7775-486D-8732-8AE4BAD9AFA4}
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Sidebar Search URL http://www.accoona.com/search_assistant/accoona_search_assistant.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Sidebar Tracking ID &utm_id=400011&utm_content=leftnav&utm_source=wdz1&utm_medium=bund&utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Application Path C:\PROGRA~1\ACCOONA
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Auto Complete 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Auto Update 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Birth Date 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Business Search Collection String col=BC&
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Business Search Tracking ID1 &utm_id=400011&utm_content=biz
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Business Search Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Business Search Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Business Search Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Business Search URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Chess Link URL http://www.accoonachess.com
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar CommServer Tracking ID1 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar CommServer Tracking ID2 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar CommServer Tracking ID3 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar CommServer Tracking ID4 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar CommServer URL http://www.accoona.com/soap
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Company Name Search Tracking ID1 &utm_id=400011&utm_content=biz
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Company Name Search Tracking ID2 &utm_source=wdz
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Company Name Search Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Company Name Search Tracking ID4 &utm_campaign=wdz0605
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Company Name Search URL http://www.accoona.com/company?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Content Type text/xml
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Contact URL http://www.accoona.com/toolbar/toolbar_contact_us.jsp
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Country ID -193
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Desktop Search Version 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Distribution ID 191060267763044184401244888
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Download Tracking ID1 &utm_id=400011
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Download Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Download Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Download Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar DT Search Install URL http://www.accoona.com/desktop_search/desktop_search_installation.jsp
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar First Launch 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar First Search 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar General Urchin Code &utm_id=400011&utm_source=wdz&utm_medium=bund&utm_campaign=wdz0605
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Headline XML URL http://www.accoona.com/newsfeed/headline.xml
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Help Tracking ID1 &utm_id=400011
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Help Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Help Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Help Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Help URL http://www.accoona.com/toolbar/toolbar_help.jsp
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Home URL http://www.accoona.com
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Install Package Number 1.0.1.2
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar InstallPath C:\Programme\Accoona
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Language ID en
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar New Release 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Headline Update Rate -5
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Headlines Collection String col=NC&
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Home Tracking ID1 &utm_id=400011
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Home Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Home Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Home Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Home URL http://www.accoona.com/newsclick?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Search Collection String col=MC&
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Search Tracking ID1 &utm_id=400011&utm_content=news
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Search Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Search Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Search Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar News Search URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar OTC Code 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Package ID 400011
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Popup Blocker Enabled 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Postal Code 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Scroll Speed 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Search History 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Show News 
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Soap Action Tracking ID1 &utm_id=400011
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Soap Action Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Soap Action Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Soap Action Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Soap Action URL http://www.accoona.com/soap
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Terms Tracking ID1 &utm_id=400011
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Terms Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Terms Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Terms Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Terms URL http://www.accoona.com/legal/terms_and_conditions.jsp
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Toolbar Install URL http://www.accoona.com/toolbar/toolbar_installation.jsp
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Toolbar Version Number 1.0.1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Update Stamp 07/25/2005
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Updates Rate 1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar UTF utf-8
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Web Search Collection String col=WC&
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Web Search Tracking ID1 &utm_id=400011&utm_content=web
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Web Search Tracking ID2 &utm_source=wdz1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Web Search Tracking ID3 &utm_medium=bund
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Web Search Tracking ID4 &utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Web Search URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar XMLNS http://search.accoona.com
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Search Assistant Tracking ID &utm_id=400011&utm_content=assist&utm_source=wdz1&utm_medium=bund&utm_campaign=wdz0605a
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Search Assistant URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant XMLNS http://search.accoona.com
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Updates Rate 1
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Soap Action URL http://www.accoona.com/soap
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Search Assistant URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant Content Type text/xml
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Search Assistant CommServer URL http://www.accoona.com/soap
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Search Assistant URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar XMLNS http://search.accoona.com
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Web Search URL http://www.accoona.com/search.jsp?
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar UTF utf-8
HKEY_LOCAL_MACHINE\SOFTWARE\Accoona\Toolbar Updates Rate 1


Adw.Starware.Toolbar Search Hijacker  more information...
Details: Adw.Starware.Toolbar is an IE Toolbar offering Search, Weather, Reference, and other capabilities. It hijacks the IE SearchAssistant and the 404 error page to its own search site. This application can also be removed using Windows Control Panel's Add/Remo
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\Software\Starware 
HKEY_CURRENT_USER\Software\Starware\OriginalSearchAssistant SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_CURRENT_USER\Software\Starware\OriginalSearchAssistant Use Search Asst no
HKEY_CURRENT_USER\Software\Starware\OriginalSearchAssistant Use Custom Search URL 0
HKEY_CURRENT_USER\Software\Starware\SearchAssistant SearchAssistant http://as.starware.com/dp/search?x=wKX1ILEOi+Vh7AfA98Gm4Me69ZMbubcDyUaazwlbdhcHYlM4YbjA1fCHUJhSmAy/mS73Hp2JYtW1hWTPjMDgHXMCQwZBIzL1MTOvCjW+4MJwKLjY/SzXzae/qnWqiiwWEuBgPcfM+IE=
HKEY_CURRENT_USER\Software\Starware\SearchAssistant Use Search Asst no
HKEY_CURRENT_USER\Software\Starware\SearchAssistant Use Custom Search URL 0


Ajan 1.0 Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@xiti[1].txt


Right Media Cookie  more information...
Details: Rightmedia is a cookie that tracks the unique visitors to a web site and their personal preferences.
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@rightmedia[1].txt
c:\dokumente und einstellungen\mark\cookies\mark@rightmedia[2].txt


GeoCities Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@geocities[1].txt
c:\dokumente und einstellungen\mark\cookies\mark@geocities[3].txt
c:\dokumente und einstellungen\mark\cookies\mark@geocities[4].txt


Com.com Cookie  more information...
Details: Redirects to cnet.com
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@com[2].txt


AdKnowledge.com Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@adknowledge[1].txt
c:\dokumente und einstellungen\mark\cookies\mark@adknowledge[3].txt
c:\dokumente und einstellungen\mark\cookies\mark@adknowledge[4].txt


ABetterInternet.Aurora Cookie Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@a[1].txt


BurstNet.com Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@burstnet[2].txt
c:\dokumente und einstellungen\mark\cookies\mark@burstnet[1].txt
c:\dokumente und einstellungen\mark\cookies\mark@burstnet[3].txt


Radar Spy 1.0 Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@yourmedia[1].txt
c:\dokumente und einstellungen\mark\cookies\mark@www.hey[1].txt


Messenger Key Cookie  more information...
Details: Messenger Key is the password hijacker.
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@www.lostpassword[1].txt


Proactive Windows Security Explorer Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@www.elcomsoft[1].txt


Real Spy Monitor Build 2.18 Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@www.regnow[1].txt


PriceGrabber Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@pricegrabber[1].txt


adriver Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@adriver[1].txt


PayPopup.com Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@paypopup[2].txt
c:\dokumente und einstellungen\mark\cookies\mark@paypopup[1].txt


Offeroptimizer Cookie  more information...
Details: Offeroptimizer is a cookie that tracks the unique visitors to a web site and their personal preferences.
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@offeroptimizer[2].txt


Cok.Accoona Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@accoona[2].txt


Claria.DashBar Cookie Cookie  more information...
Details: DashBar cookie is a small text file placed on the user's computer after when visiting the Claria/GAIN DashBar website.
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@belnk[2].txt


Cok.ad.yieldmanager Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@ad.yieldmanager[1].txt
c:\dokumente und einstellungen\mark\cookies\mark@ad.yieldmanager[3].txt


Cok.a.websponsors Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@a.websponsors[2].txt


Cok.AssasinTrojan2.0 Cookie  more information...
Status: Deleted

Infected cookies detected
c:\dokumente und einstellungen\mark\cookies\mark@main[1].txt

@ohmsl: hättest du vielleicht ne idee wie ich ein backup tb von dem favoriten in aol machen könnte, weil da hab ich wirklich viele und alle zu verlieren wäre verdammt schade

danke

NoExe · Nov 21, 2005

Mit dem " AOL UNINSTALLER " löscht du deine AOL - Software zuverlässig.

Du findest ihn unter " STICHWORT " ( STRG + K ). Dort tippst " AOL UNINSTALLER " ein und ladest die Datei herunter. .)

S1l3nc3 · Nov 21, 2005

Gani777 said:

Mit dem " AOL UNINSTALLER " löscht du deine AOL - Software zuverlässig.

Du findest ihn unter " STICHWORT " ( STRG + K ). Dort tippst " AOL UNINSTALLER " ein und ladest die Datei herunter. .)
Click to expand...

öhm sry, aber ich raff das nicht? wo meinste denn bei "stichwort"?
das lönnte glaub ich bei aol sein, aber das geht doch garnet an^^

ohmsl · Nov 21, 2005

Die Daten liegen im Ordner "Organize".
C:\Dokumente Und Einstellungen\All Users\Anwendungsdaten\Aol\C_Aol 9.0\Organize

Den ganzen Ordner einfach auf den Desktop oder anderen Ort kopieren. Ich hoffe doch, dass auch die Favoriten drin sind. Es kann auch sein, dass die Favoriten direkt bei AOL gespeichert sind.

Hast du versucht AOL über die Systemsteuerung - Software zu deinstallieren?

Wenn du unschlüssig bist, kannst du auch AOL ein zweites mal installieren ohne zu löschen.

Der Rechner sollte vor der Installation clean sein.

NoExe · Nov 21, 2005

Melde dich mal bei AOL an. Sobald du drin bist, tippe auf " STRG + K ". Es erscheint nun ein Fenster, indem du " AOL UNINSTALLER " eintippen musst, damit du das Programm dann herunterladen kannst und damit deine AOL Software deinstallieren kannst.

S1l3nc3 · Nov 21, 2005

hab über die systemsteurung AOL erfolgreich deinstalliert. hab auch die registry einträge gelöscht. alles neuinstalliert. versucht zu starten, und es kommt wiedermal das selbe problem...
mit 1nem unterschied: wenn man jetzt auf "JA" klickt, erscheint rechts unten in der taskleiste dieses symbol mit dem monitor etc, wie die meisten setup dateien aussehen. wenn man mit der maus draufgeht, sieht man den installationsfortschritt in % angezeigt... dann geht es weg, und AOL verlangt auch keinen neustart mehr...

jetzt hab ich echt ka was ich machen könnte...

@kani777: AOL funtioniert bei mir doch net, wie soll ich da mich anmelden?^^

thx s1l3nc3

S1l3nc3 · Nov 24, 2005

da is wohl nix mehr zu machen... nur ich hab jetzt etwas am pc rumgegukt, und bin eigenartiger weise auf noch ein seltsameres problem gestoßen: wenn ich den Geräte-manager öffne, is der einfach ganz leer, kein einziger eintrag ist drin???
wie kann das denn sein?

Log in or Sign up

AOL software funktioniert nicht mehr...

S1l3nc3 ROM

ohmsl Viertel Gigabyte

S1l3nc3 ROM

Jasager Viertel Gigabyte

ohmsl Viertel Gigabyte

S1l3nc3 ROM

NoExe Halbes Megabyte

S1l3nc3 ROM

ohmsl Viertel Gigabyte

NoExe Halbes Megabyte

S1l3nc3 ROM

S1l3nc3 ROM

Share This Page