Emsisoft Malware-Info

Name: Adware.Win32.RegTool

Risk level: Low Risk

Vendor: PC Utility, Inc. - regtool.exe

Description:

It is a rogue registry application. It may show exaggerated damage reports and then ask the user to purchase a registered version to remove the reported damage.

Removal instructions for Adware RegTool:

To remove this malware infection, please purchase Emsisoft Anti-Malware.
Guaranteed removal of Adware RegTool.

Run a scan and quarantine the detected objects.

More details about this threat:

Characteristics:

  • It also shows misleading scan results.
  • The user must purchase a registered version to remove the damaged registry.

Installation: Installed through EXE

Process: Reg Tool.exe

Folders used:

  • C:\Program Files\Downloaded Installers\{FCC1B3CE-5F3C-4B2B-B0CF-609D72C995E1}\
  • C:\Program Files\Reg Tool\
  • C:\Program Files\Reg Tool\PW\
  • C:\RECYCLER\S-1-5-21-1715567821-1844237615-725345543-1003\
  • C:\WINDOWS\
  • C:\WINDOWS\Installer\
  • C:\WINDOWS\Installer\{FCC1B3CE-5F3C-4B2B-B0CF-609D72C995E1}\
  • C:\WINDOWS\SoftwareDistribution\
  • C:\WINDOWS\SoftwareDistribution\DataStore\
  • C:\WINDOWS\SoftwareDistribution\DataStore\Logs\
  • C:\WINDOWS\SoftwareDistribution\EventCache\
  • C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\
  • C:\WINDOWS\system32\WBEM\Logs\
  • C:\WINDOWS\Tasks\
  • drive\D\RECYCLER\S-1-5-21-1715567821-1844237615-725345543-1003\
  • C:\Documents and Settings\All Users\Desktop\
  • C:\Documents and Settings\All Users\Start Menu\Programs\Reg Tool\
  • C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\Content\
  • C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\MetaData\
  • C:\Documents and Settings\[USER]\Application Data\Reg Tool\Logs\
  • C:\Documents and Settings\[USER]\Application Data\Reg Tool\Results\
  • C:\Documents and Settings\[USER]\Cookies\
  • C:\Documents and Settings\[USER]\Local Settings\Application Data\Microsoft\Internet Explorer\
  • C:\Documents and Settings\[USER]\Local Settings\History\History.IE5\
  • C:\Documents and Settings\[USER]\Local Settings\History\History.IE5\MSHist012009092220090923\
  • C:\Documents and Settings\[USER]\Local Settings\Temp\
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\

Files used:

  • C:\Program Files\Downloaded Installers\{FCC1B3CE-5F3C-4B2B-B0CF-609D72C995E1}\setup.msi
    [39488000 Bytes] MSI File
  • C:\Program Files\Reg Tool\definitions.db
    [33156 Bytes] DB File
  • C:\Program Files\Reg Tool\privacy.db
    [4324 Bytes] DB File
  • C:\Program Files\Reg Tool\PW.zip
    [1824 Bytes] ZIP File
  • C:\Program Files\Reg Tool\Reg Tool.exe
    [38282504 Bytes] EXE File
  • C:\Program Files\Reg Tool\Reg Tool.url
    [118 Bytes] URL File
  • C:\Program Files\Reg Tool\startup.db
    [115188 Bytes] DB File
  • C:\Program Files\Reg Tool\PW\general.html
    [249 Bytes] HTML File
  • C:\Program Files\Reg Tool\PW\optimizations.html
    [166 Bytes] HTML File
  • C:\Program Files\Reg Tool\PW\privacy.html
    [775 Bytes] HTML File
  • C:\Program Files\Reg Tool\PW\scheduler.html
    [374 Bytes] HTML File
  • C:\Program Files\Reg Tool\PW\startup.html
    [174 Bytes] HTML File
  • C:\Program Files\Reg Tool\PW\wizard.css
    [186 Bytes] CSS File
  • C:\RECYCLER\S-1-5-21-1715567821-1844237615-725345543-1003\INFO2
    [20 Bytes] File
  • C:\WINDOWS\WindowsUpdate.log
    [12559 Bytes] LOG File
  • C:\WINDOWS\Installer\85179b.msi
    [732160 Bytes] MSI File
  • C:\WINDOWS\Installer\{FCC1B3CE-5F3C-4B2B-B0CF-609D72C995E1}\Icon.exe
    [90112 Bytes] EXE File
  • C:\WINDOWS\SoftwareDistribution\ReportingEvents.log
    [432 Bytes] LOG File
  • C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
    [1056768 Bytes] EDB File
  • C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk
    [8192 Bytes] CHK File
  • C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log
    [131072 Bytes] LOG File
  • C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb
    [65536 Bytes] EDB File
  • C:\WINDOWS\SoftwareDistribution\EventCache\{01D222EB-3EE4-42C4-AE31-4F261A8CE877}.bin
    [8 Bytes] BIN File
  • C:\WINDOWS\SoftwareDistribution\EventCache\{E7E877D5-DCB9-454A-ACB3-B5011E0302B4}.bin
    [462 Bytes] BIN File
  • C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab
    [9668 Bytes] CAB File
  • C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.xml
    [605 Bytes] XML File
  • C:\WINDOWS\system32\WBEM\Logs\wbemprox.log
    [252 Bytes] LOG File
  • C:\WINDOWS\Tasks\Reg Tool Scan.job
    [432 Bytes] JOB File
  • drive\D\RECYCLER\S-1-5-21-1715567821-1844237615-725345543-1003\INFO2
    [20 Bytes] File
  • C:\Documents and Settings\All Users\Desktop\Reg Tool.lnk
    [1848 Bytes] LNK File
  • C:\Documents and Settings\All Users\Start Menu\Programs\Reg Tool\Reg Tool Help.lnk
    [1860 Bytes] LNK File
  • C:\Documents and Settings\All Users\Start Menu\Programs\Reg Tool\Reg Tool on the Web.lnk
    [1848 Bytes] LNK File
  • C:\Documents and Settings\All Users\Start Menu\Programs\Reg Tool\Reg Tool.lnk
    [1848 Bytes] LNK File
  • C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
    [898 Bytes] File
  • C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30
    [95039 Bytes] File
  • C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
    [94 Bytes] File
  • C:\Documents and Settings\[USER]\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30
    [124 Bytes] File
  • C:\Documents and Settings\[USER]\Application Data\Reg Tool\Logs\2009-09-22 23-09-040.log
    [84240 Bytes] LOG File
  • C:\Documents and Settings\[USER]\Application Data\Reg Tool\Results\Evidence.db
    [26036 Bytes] DB File
  • C:\Documents and Settings\[USER]\Application Data\Reg Tool\Results\Junk.db
    [7864 Bytes] DB File
  • C:\Documents and Settings\[USER]\Application Data\Reg Tool\Results\Registry.db
    [103976 Bytes] DB File
  • C:\Documents and Settings\[USER]\Application Data\Reg Tool\Results\Update.db
    [60 Bytes] DB File
  • C:\Documents and Settings\[USER]\Cookies\index.dat
    [32768 Bytes] DAT File
  • C:\Documents and Settings\[USER]\Cookies\virus demo@regtool[1].txt
    [71 Bytes] TXT File
  • C:\Documents and Settings\[USER]\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
    [16384 Bytes] DAT File
  • C:\Documents and Settings\[USER]\Local Settings\History\History.IE5\index.dat
    [32768 Bytes] DAT File
  • C:\Documents and Settings\[USER]\Local Settings\History\History.IE5\MSHist012009092220090923\index.dat
    [32768 Bytes] DAT File
  • C:\Documents and Settings\[USER]\Local Settings\Temp\~DF7ACE.tmp
    [32768 Bytes] TMP File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    [49152 Bytes] DAT File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\bg_main[1].jpg
    [2402 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\cr_mh_r[1].jpg
    [3721 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\cr_org_tl[1].gif
    [65 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\definitions[1].db
    [33156 Bytes] DB File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\logo_ft[1].gif
    [4419 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\logo_regtool[1].gif
    [4401 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\micro6[1].gif
    [3777 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\0H2HIRKN\softpedia_clean_award_f2[1].gif
    [6873 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\bg_mh_l[1].jpg
    [680 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\bg_top_nav[1].jpg
    [479 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\cr_ft1[1].jpg
    [1922 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\error2[1].gif
    [2446 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\ic2[1].gif
    [6911 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\ic3[1].gif
    [6601 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\6XSRQLQP\ic_sspg[1].gif
    [2099 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\13[1].gif
    [2680 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\bg_mh_r[1].jpg
    [678 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\box_register[1].jpg
    [13619 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\cr_mh_l[1].jpg
    [3696 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\cr_org_br[1].gif
    [66 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\cr_org_tr[1].gif
    [67 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\SRIDQBO7\tucow_award2[1].jpg
    [2688 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\bg_ft2[1].jpg
    [10147 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\bg_ft[1].jpg
    [527 Bytes] JPG File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\bg_hd_m[1].gif
    [1348 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\cr_org_bl[1].gif
    [66 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\global[1].css
    [4263 Bytes] CSS File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\ic1[1].gif
    [6747 Bytes] GIF File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\register_now[1].htm
    [34882 Bytes] HTM File
  • C:\Documents and Settings\[USER]\Local Settings\Temporary Internet Files\Content.IE5\YNQ1M5MT\spacer[1].gif
    [45 Bytes] GIF File

How do you best protect yourself against Adware RegTool?

Important!
You absolutely need antivirus software that can not only delete infections but also permanently protect your PC against new threats. Only then are you safe from data theft and from the unnecessary trouble and cost of reinstalling the operating system.

Ideally, buy the multi-award-winning protection software Emsisoft Anti-Malware today!

Only 30 euros for the security of your computer.