SpyAxe or Spywarestrike infection?
#0
30.04.2006, 01:36
...new here
Posts: 5
30.04.2006, 02:35
Honorary member
Posts: 29434
#17
1.
Go into the registry: Start - Run - regedit
Edit - Find - SpyAxe
hkey_local_machine\software\microsoft\windows\currentversion\run\SpyAxe <- delete
Restart the PC

2.
Counterspy
http://virus-protect.org/counterspy.html
* After the scan you have to decide between:
*Ignore
*Remove --> Status: Deleted
*Quarantine
Always choose Remove and restart the PC (then copy the scan report

__________
Regards
Sabina
all about PC security
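
The registry step from the post above as a script, added here as an example (it is not part of the original post): it lists Run/RunOnce values whose name or command line matches SpyAxe and, only when -Remove is given, exports the key before deleting the value. The HKCU and RunOnce locations, the backup directory and the parameter names are assumptions of this example.

```powershell
# Added example: audit autostart (Run/RunOnce) values for a named entry.
# The default pattern is the value name from the post; every key other than
# HKLM\...\Run, and the backup location, are assumptions of this example.
param(
    [string]$Pattern   = 'SpyAxe',
    [switch]$Remove,
    [string]$BackupDir = "$env:TEMP\run-key-backup"
)

$keys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$needle = [regex]::Escape($Pattern)

foreach ($key in $keys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        if (-not $name) { continue }            # skip the unnamed default value
        $data = [string]$item.GetValue($name)
        # Match on the value name or on the command line it launches
        if ($name -notmatch $needle -and $data -notmatch $needle) { continue }

        Write-Output "MATCH    $key  [$name] = $data"
        if ($Remove) {
            # Export the whole key first so the deletion can be undone
            New-Item -ItemType Directory -Force -Path $BackupDir | Out-Null
            $regPath = $item.Name               # e.g. HKEY_LOCAL_MACHINE\Software\...
            $file = Join-Path $BackupDir (($regPath -replace '[\\:]', '_') + '.reg')
            reg.exe export $regPath $file /y | Out-Null
            Remove-ItemProperty -Path $key -Name $name
            Write-Output "REMOVED  [$name]  (backup: $file)"
        }
    }
}
```

Run without -Remove first to see what matches; a second run after the reboot should print nothing.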
02.05.2006, 14:19
...new here
Posts: 5
#18
I did not find any entry for Spyaxe any more.
Note to everyone: I found that the Ad-Watch tool from Ad-Aware SE Plus made the cleanup more difficult or in part prevented it. So it should be deactivated during any cleanup work!

Here is the scan from Counterspy:

Spyware Scan Details
Start Date: 30.04.2006 11:29:06
End Date: 30.04.2006 12:28:19
Total Time: 59 mins 13 secs

Detected spyware

IST.ISTbar Hijacker more information...
Details: ISTbar is an Internet Explorer Hijacker, which modifies your homepages and searches without a user’s consent using an Internet Explorer toolbar.
Status: Deleted
Infected files detected
c:\delus.bat

Desktop Links Adware (General) more information...
Details: Desktop Links consists of various links and shortcuts placed on the desktop by adware and spyware programs. It includes folders and links placed in Internet Explorer's favorites list.
Status: Deleted
Infected files detected
C:\Dokumente und Einstellungen\Beate\Lokale Einstellungen\Temporary Internet Files\Content.IE5\98OK6LDW\adult[1].ico
C:\Dokumente und Einstellungen\Beate\Lokale Einstellungen\Temporary Internet Files\Content.IE5\9D2YRNLD\shopping[1].ico
C:\Dokumente und Einstellungen\Beate\Lokale Einstellungen\Temporary Internet Files\Content.IE5\IN5NSBDY\spywareremoval[1].ico
C:\WINDOWS\shopping.ico

TrustIn Bar Toolbar more information...
Status: Deleted
Infected files detected
C:\Dokumente und Einstellungen\Beate\Lokale Einstellungen\Temporary Internet Files\Content.IE5\PA37PVIB\casino[1].ico

Download Accelerator Plus Low Risk Adware more information...
Details: Download Accelerator Plus (DAP) is an advertising-supported download manager program from SpeedBit.com.
Status: Deleted
Infected registry entries detected
HKEY_CLASSES_ROOT\interface\{82351440-9094-11d1-a24b-00a0c932c7df}
HKEY_CLASSES_ROOT\interface\{82351440-9094-11d1-a24b-00a0c932c7df}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{82351440-9094-11d1-a24b-00a0c932c7df}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{82351440-9094-11d1-a24b-00a0c932c7df}\TypeLib Version 1.5
HKEY_CLASSES_ROOT\interface\{82351440-9094-11d1-a24b-00a0c932c7df} IAniGIF
HKEY_CLASSES_ROOT\interface\{5252ac41-94bb-11d1-b2e7-444553540000}
HKEY_CLASSES_ROOT\interface\{5252ac41-94bb-11d1-b2e7-444553540000}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{5252ac41-94bb-11d1-b2e7-444553540000}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{5252ac41-94bb-11d1-b2e7-444553540000}\TypeLib Version 1.5
HKEY_CLASSES_ROOT\interface\{5252ac41-94bb-11d1-b2e7-444553540000} IAniGIFEvents
HKEY_CLASSES_ROOT\interface\{f32c7705-1dad-4b09-b60a-40f1d9b3dbc9}
HKEY_CLASSES_ROOT\interface\{f32c7705-1dad-4b09-b60a-40f1d9b3dbc9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{f32c7705-1dad-4b09-b60a-40f1d9b3dbc9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{f32c7705-1dad-4b09-b60a-40f1d9b3dbc9}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\interface\{f32c7705-1dad-4b09-b60a-40f1d9b3dbc9} ICatcher

eXact.BargainBuddy Adware (General) more information...
Details: BargainBuddy is a Browser Helper Object that watches the pages your browser requests and the terms you enter into a search engine web form. If a term matches a preset list of sites or keywords, BargainBuddy will display an ad.
Status: Deleted
Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BargainBuddy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BargainBuddy SlowInfoCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BargainBuddy Changed 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\iexplore Type 3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\iexplore Count 1570
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\iexplore Time
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}\iexplore Blocked 1404

Advertising.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\dvag\cookies\dvag@advertising[2].txt

Mediaplex.com Cookie (General) more information...
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count
Status: Deleted
Infected cookies detected
c:\dokumente und einstellungen\dvag\cookies\dvag@mediaplex[1].txt

Is my machine clean now??
02.05.2006, 15:09
Honorary member
Posts: 29434
#19
Are you still getting pop-ups? I think not.
Then everything should be more or less in order again.
Download the Firefox browser (IE stays for the Windows updates)
http://virus-protect.org/firefox.html

__________
Regards
Sabina
all about PC security
| Incident | Status | Location |
|---|---|---|
| Adware:adware/spyaxe | Not disinfected | Windows Registry |
| Adware:adware/exact.bargainbuddy | Not disinfected | Windows Registry |
| Adware:adware/powerscan | Not disinfected | Windows Registry |
| Adware:adware/ncase | Not disinfected | Windows Registry |
| Adware:adware/ist.sidefind | Not disinfected | Windows Registry |
| Adware:adware/azesearch | Not disinfected | Windows Registry |
| Potentially unwanted tool:application/spyaxe | Not disinfected | hkey_local_machine\software\microsoft\windows\currentversion\run\SpyAxe |
| Adware:adware/powerstrip | Not disinfected | Windows Registry |
| Virus:Trj/Autodelete.A | Disinfected | C:\Dokumente und Einstellungen\Beate\Lokale Einstellungen\Temp\mghd.bat |
| Virus:Trj/Autodelete.A | Disinfected | C:\Dokumente und Einstellungen\Beate\Lokale Einstellungen\Temp\mkhl.bat |
| Potentially unwanted tool:Application/Processor | Not disinfected | C:\Dokumente und Einstellungen\DVAG\Desktop\Spyaxe\SmitfraudFix\Process.exe |
| Potentially unwanted tool:Application/Processor | Not disinfected | C:\Dokumente und Einstellungen\DVAG\Desktop\Spyaxe\smitRem\Process.exe |
| Potentially unwanted tool:Application/Processor | Not disinfected | C:\WINDOWS\system32\Process.exe |