Mein pc dreht durch !!! popups ohne endeThema ist geschlossen! |
||
---|---|---|
Thema ist geschlossen! |
||
#0
| ||
19.03.2006, 21:25
Member
Themenstarter Beiträge: 18 |
#31
jo....ok....ähm für weitere aktionen( weiß ja nicht wie oft ich noch scannen muss , bis die sache erledigt ist) habe ich in der woche meist erst ab 19:00 Uhr zeit , nur damit du dich net wunderst warum ich die reports net poste ^^
|
|
|
||
19.03.2006, 22:23
Ehrenmitglied
Beiträge: 29434 |
#32
mache es heute noch...es ist ja nur der counterspy..ich hoffe, er loescht den WinAntiVirus Pro 2006 total raus
tzz tzz...wie kann man sich den PC nur so verseuchen......... __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
20.03.2006, 04:49
Member
Themenstarter Beiträge: 18 |
#33
Spyware Scan Details
Start Date: 19.03.2006 21:10:59 End Date: 19.03.2006 22:00:30 Total Time: 49 mins 31 secs Detected spyware RBot.steam Trojan more information... Status: Quarantined Infected files detected C:\Programme\Valve\platform\steam_dev.exe BearShare P2P Program more information... Details: BearShare is a file sharing network. The free version installs a number of known spyware and adware programs. Status: Quarantined Infected registry entries detected HKEY_CLASSES_ROOT\gnufile HKEY_CLASSES_ROOT\gnufile\shell\open\command "C:\Programme\BearShare\BearShare.exe" "%1" HKEY_CLASSES_ROOT\gnufile gnutella HKEY_CLASSES_ROOT\gnufile BrowserFlags 8 HKEY_CLASSES_ROOT\gnufile EditFlags 65536 HKEY_CURRENT_USER\appevents\eventlabels\bearsharechatnotifymsg HKEY_CURRENT_USER\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting HKEY_CURRENT_USER\appevents\schemes\apps\bearshare HKEY_CURRENT_USER\appevents\schemes\apps\bearshare BearShare HKEY_LOCAL_MACHINE\software\bearshare HKEY_LOCAL_MACHINE\software\bearshare InstallDir C:\Programme\BearShare HKEY_USERS\.default\appevents\eventlabels\bearsharechatnotifymsg HKEY_USERS\.default\appevents\eventlabels\bearsharechatnotifymsg Chat Message Waiting HKEY_USERS\.default\appevents\schemes\apps\bearshare HKEY_USERS\.default\appevents\schemes\apps\bearshare\BearShareChatNotifyMsg\.Current C:\Programme\BearShare Test\sounds\notify.wav HKEY_USERS\.default\appevents\schemes\apps\bearshare BearShare Blazefind Browser Plug-in more information... Details: BlazeFind installs itself as a Browser Helper Object in Internet Explorer and redirects search queries that you use in search engine as well as hijacks your Internet Explorer settings. Status: Quarantined Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows SA HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows SA installFolder C:\Program Files\WindowsSA\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows SA installFolderBAND C:\Windows\System32\ AvenueMedia.InternetOptimizer Adware more information... Details: Internet Optimizer, also known as DyFuCA, is an adware application that hijacks the user's browser error page. Status: Quarantined Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer SlowInfoCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer Changed 0 IST.SlotchBar Toolbar more information... Details: An adware toolbar program for affiliates to distrubute on sites. Affiliates get paid per install of the toolbar. Status: Quarantined Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc SlowInfoCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc Changed 0 AntiLeech Plugin Adware more information... Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software. Status: Quarantined Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-Leech ALIE NetPumper Adware Bundler more information... Details: Bundles with a number of adware components such as cydoor, Save!, ClockSync, and WhenU Toolbar. Status: Ignored Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free state 2 HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free pkid HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free alid 21styeah HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free iid {705AE9E9-98BD-4920-97B7-36713C550EED} HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper VersionInfo F0qI2ykIbZen5w3x07wr2uVRVdi5baMx04zWkwVVtazYN4wPOB0QDkVYOdhWNtMNESjb1oFZVtk0EQbIYvIfFny uBZQtsAvI0vy7ny-wq1XTBTcbGfNFQKpjzuGYwD39z7UJNzWmTPf-oGuob1iImLv1DFfvOL5Tad-0SFE0h3OofeCHa-uk uptD0YMWY-BEFE8NXPCZXGey HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib Version 1.1 HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B} IAddUrl HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib Version 1.1 HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000} IAddPackage RealVNC Commercial Remote Control more information... Details: VNC (Virtual Network Computing) software makes it possible to view and fully-interact with one computer from any other computer or mobile device anywhere on the Internet. Status: Ignored Infected registry entries detected HKEY_LOCAL_MACHINE\Software\ORL WhenU.SaveNow Adware more information... Details: WhenU.SaveNow is an adware application that displays pop-up advertising on the desktop in response to users' web browsing. Status: Quarantined Infected registry entries detected HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0} HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\TypeLib {DF901432-1B9F-4F5B-9E56-301C553F9095} HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0} IACMFactory HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086} HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\TypeLib {DF901432-1B9F-4F5B-9E56-301C553F9095} HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086} IFetchExtractor HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842} HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\TypeLib {DF901432-1B9F-4F5B-9E56-301C553F9095} HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842} IFetchData IST.ISTbar Browser Hijacker more information... Details: ISTbar is an Internet Explorer Hijacker, which modifies your homepages and searches without a user’s consent using an Internet Explorer toolbar. Status: Quarantined Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc SlowInfoCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc Changed 0 Weborama Cookie more information... Status: Deleted Infected cookies detected c:\dokumente und einstellungen\start\cookies\start@weborama[2].txt |
|
|
||
20.03.2006, 12:50
Ehrenmitglied
Beiträge: 29434 |
#34
Harbs
der Netpumper muss raus...er bringt die PopUps mit sich also kein: Status: Ignored , sondern neuscannen und alles loeschen !!! Quarantined --> wozu ?? Loesche doch diesen ganzen VirenMuell !!!!!!!!! Zitat * nach dem Scan muss man sich entscheiden für:----------------------------------------------------------------- Wenn du deinen PC magst und nicht jede Woche formatieren willst, verzichte in Zukunft auf BearShare, P2P, Netpumper und andere dubiose Tools. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
20.03.2006, 14:45
Member
Themenstarter Beiträge: 18 |
#35
Spyware Scan Details
Start Date: 20.03.2006 13:38:06 End Date: 20.03.2006 14:12:28 Total Time: 34 mins 22 secs Detected spyware NetPumper Adware Bundler more information... Details: Bundles with a number of adware components such as cydoor, Save!, ClockSync, and WhenU Toolbar. Status: Deleted Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free state 2 HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free pkid HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free alid 21styeah HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper\Affiliated\free iid {705AE9E9-98BD-4920-97B7-36713C550EED} HKEY_LOCAL_MACHINE\SOFTWARE\NetPumper VersionInfo F0qI2ykIbZen5w3x07wr2uVRVdi5baMx04zWkwVVtazYN4wPOB0QDkVYOdhWNtMNESjb1oFZVtk0EQbIYvIfFnyuBZQtsAvI0vy7ny-wq1XTBTcbGfNFQKpjzuGYwD39z7UJNzWmTPf-oGuob1iImLv1DFfvOL5Tad-0SFE0h3OofeCHa-ukuptD0YMWY-BEFE8NXPCZXGey HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E} HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B}\TypeLib Version 1.1 HKEY_CLASSES_ROOT\Interface\{A8B0F390-E6BF-4027-A4D4-1E4363F5E27B} IAddUrl HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib {1145A909-A836-44B8-B03A-48D858B0F43E} HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000}\TypeLib Version 1.1 HKEY_CLASSES_ROOT\Interface\{A9E33220-0B05-11D7-88D2-444553540000} IAddPackage RealVNC Commercial Remote Control more information... Details: VNC (Virtual Network Computing) software makes it possible to view and fully-interact with one computer from any other computer or mobile device anywhere on the Internet. Status: Deleted Infected registry entries detected |
|
|
||
20.03.2006, 14:55
Ehrenmitglied
Beiträge: 29434 |
#36
es muesste nun wieder alles in Ordnung sein...wie laeuft es ?
scanne noch mal mit counterspy...bis alles sauber bleibt, dann deinstalliere das tool. TuneUp 2006 (30 Tage free) Shareware http://virus-protect.org/reinigungstoolsregistry.html wende an: Cleanup repair -- TuneUp Diskcleaner Cleanup repair -- Registry Cleaner __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
20.03.2006, 15:13
Member
Themenstarter Beiträge: 18 |
#37
hey...
es läuft alles wieder ziehmlich gut , außer das ich beim runterfahren ab und zu beim inet explorer und beim card reader auf sofort beenden klicken muss ..... ansonsten echt super leistung !!!!!!!!!!!!!!!! VIELEN VIELEN Dank , das du einem 16 J. alten Typen , der seinen PC fast complett in Ars..*patsch* geritten hat hilfst DDDDDDDDDDAAAAAAAAAAAANNNNNNNNNNNNKKKKKKKKKKKEEEEEEEEEEEEE Dieser Beitrag wurde am 20.03.2006 um 16:36 Uhr von Harbs editiert.
|
|
|
||