Malware (oder so)

#0
31.05.2006, 00:49
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#31 1.
KILLBOX - Pocket KillBox
http://virus-protect.org/killbox.html

Options: Delete on Reboot --> anhaken
und klicke auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "---- klicke auf "no",und kopiere das nächste rein, erst beim letzten auf "yes"
reinkopieren: .........

Zitat

anhaken:Single Files

c:\windows\GatorHDPlugin.log
C:\Dokumente und Einstellungen\Raphaell\Desktop\virendetecter\backups\backup-20060501-183206-209.dll

anhaken: All Files

c:\programme\FunWebProducts
PC neustarten

2.
Counterspy
http://virus-protect.org/counterspy.html
* nach dem Scan muss man sich entscheiden für:

*Ignore
*Remove --> Status: Deleted
*Quarantaine

wähle immer Remove und starte den PC neu (dann kopiere den Scanreport ab
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
31.05.2006, 11:00
Member

Themenstarter

Beiträge: 53
#32 ist es das:
Spyware Scan Details
Start Date: 31.05.2006 09:55:03
End Date: 31.05.2006 10:49:48
Total Time: 54 mins 45 secs

Detected spyware

Virtual-IE.MsMovies Adware (General) more information...
Status: Deleted

Infected files detected
c:\windows\system32\cmd.com
c:\windows\system32\netstat.com
c:\windows\system32\ping.com
c:\windows\system32\regedit.com
c:\windows\system32\taskkill.com
c:\windows\system32\tasklist.com
c:\windows\system32\tracert.com


Claria.GAIN.CommonElements Adware (General) more information...
Details: Claria's GAIN network consists of several applications inlcuding Gator eWallet, GotSmiley, ScreenSeenes, WebSecureAlert, DashBar, Weatherscope, Date Manager and Precision Time.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} GMG BF2FA605-4ECD-4C19-83E6-995458DB42B0
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} GEF 64
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} uets
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} GMI128
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} GMI 599693607


BearShare P2P Program more information...
Details: BearShare is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\0\win32 C:\Programme\BearShare\RunMSC.dll
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0\HELPDIR C:\Programme\BearShare\
HKEY_CLASSES_ROOT\typelib\{905d0df2-3a0a-4d94-853c-54a12a745905}\1.0 RunMSC 1.0 Type Library
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E}
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E}\InprocServer32 C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E}\InprocServer32 InprocServer32 'l1^Vn-}f(ZXfeAR6.jiTranslationHidden>CFG$0D+!g(3?!!!_GX=b
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} Microsoft InfoTech Default Data Handler
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} bTApfbXP ~\ZYSWCvCIPYR{`ZikFqP@eoAfYbV_
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} GrxxDwwjfnaC zHl~_RyjoP{wLR~XXAA
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} rLtcqOtwx UOc{QJdG@azYDblQN
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} FJzgfwvlWuoOf c}O]~ycddJx~SHJ|PZ
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} vszykyebP pviHU_VOFyKYneSf\MCrHga]r
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} Lrhtuysnow ]\gM\OHzwhCbQEu[{[YQDO}jufGK
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} mvnukDdUoqEsn _jcKJ{atxHvqrLysRa}_kygUAUS
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} anfPgyif Iiw\{pqSIldgHt@hmosZV[whj[d
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} vRosAlu n|@nz\vu\wdX|~PvGwm
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} wfrgt FypGMiTveKwbKl}yVz|pfAvWzz
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} blVxsm wFOB~L^bOKZlTgiQ`|ZMa
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} pdEVCBzeiU cbd{@ZCsKt[]SNRmZzusFswRM|[xr]bp
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} eOjorsole l`PoaxLHk~JjIMZXXfbbWTt
HKEY_CLASSES_ROOT\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E} djqj AEBwbw_ZuP\oIUf|DsN[secRQL


FunWebProducts Potentially Unwanted Program more information...
Details: Fun Web Products bundles adware software in its products.
Status: Deleted

Infected registry entries detected
HKEY_CURRENT_USER\SOFTWARE\FunWebProducts
HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings\MSNMessenger SessionCount 28
HKEY_CURRENT_USER\SOFTWARE\FunWebProducts\Settings\MSNMessenger SessionTimestamp 220953
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn LastHTMLMenuURL http://www.funwebproducts.com/CursorChooser.html
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.1 You just received a smiley! Go to @LINK@ to see it!
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products\Settings\Promos MSN.numActive 1
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CheckForConnection 1
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer sr 0
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CurInstall 1
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer Dir C:\Programme\FunWebProducts\Installr\
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CurInstall 1
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer sr 0
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer pl 7
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CheckForConnection 1
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts\Installer CacheDir C:\Programme\FunWebProducts\Installr\Cache\


My Way Speedbar Potentially Unwanted Program more information...
Details: MyWay Speedbar is a search toolbar that installs into Internet Explorer and Netscape Navigator, adding search functions and popup blocking.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17}
HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}


WhenU.Save Adware (General) more information...
Details: WhenU.SaveNow is an adware application that displays pop-up advertising on the desktop in response to users' web browsing.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\runmsc.loader.1\clsid
HKEY_CLASSES_ROOT\runmsc.loader.1\clsid {9F95F736-0F62-4214-A4B4-CAA6738D4C07}
HKEY_CLASSES_ROOT\runmsc.loader\clsid
HKEY_CLASSES_ROOT\runmsc.loader\clsid {9F95F736-0F62-4214-A4B4-CAA6738D4C07}
HKEY_CLASSES_ROOT\runmsc.loader\curver
HKEY_CLASSES_ROOT\runmsc.loader\curver RunMSC.Loader.1
HKEY_CLASSES_ROOT\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}
HKEY_CLASSES_ROOT\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905}
HKEY_CLASSES_ROOT\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97} ILoader
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 C:\Programme\BearShare\RunMSC.dll
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\ProgID RunMSC.Loader.1
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\TypeLib {905D0DF2-3A0A-4D94-853C-54A12A745905}
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}\VersionIndependentProgID RunMSC.Loader
HKEY_CLASSES_ROOT\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07} Loader Class
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WhenUSaveMsg
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WhenUSaveMsg SlowInfoCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WhenUSaveMsg Changed 0


IST.PowerScan Adware (General) more information...
Details: PowerScan is advertised through in ordinary web pop-ups, but recently it started to install with help from the the ISTBar adware.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main bandrest


MyWebSearch Toolbar Potentially Unwanted Program more information...
Details: MyWebSearch Toolbar is a customizable Internet Explorer search toolbar with various other tools.
Status: Deleted

Infected registry entries detected
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs {63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17}
HKEY_CURRENT_USER\Software\MyWebSearch
HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17}
HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib {29D67D3C-509A-4544-903F-C8C1B8236554}
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} IMonitorEvents
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib {E47CAEE0-DEEA-464A-9326-3F2801535A4D}
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib Version 1.0
HKEY_CLASSES_ROOT\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} IF3PopupMenu
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CLSID {7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CurVer MyWebSearch.PseudoTransparentPlugin.1
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin MyWebSearch Pseudo Transparent Plugin
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1\CLSID {7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 MyWebSearch Pseudo Transparent Plugin
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches incmail.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msimn.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msn.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches outlook.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches waol.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches aim.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icq.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches icqlite.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msmsgs.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches msnmsgr.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches ypager.exe 1
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\bar\Switches mwssrcas.dll 0
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 Toolbar *Uninstalled*
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive\Email-IM\0 AppName MyWebSearch Email Plugin
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar pid ZCxdm482YYCH
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar Dir C:\Programme\MyWebSearch\bar\
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar CurInstall 1
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar SettingsDir C:\Programme\MyWebSearch\bar\Settings\
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar sr 0
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar pl 7
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar Id B56664A7-3823-42DB-83F3-A8A191A0CDB4
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar CacheDir C:\Programme\MyWebSearch\bar\Cache\
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar ConfigDateStamp 2006040108
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar HTMLMenuRevision 125
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar sscSet 4
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar sscLabel My Web Search
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar sscURL http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm482YYCH&fl=0&ptb=p2RmtdtCIzihqPODtM2gkQ&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar Flags 8722
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\bar HistoryDir C:\Programme\MyWebSearch\bar\History\
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant pid ZCxdm482YYCH
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant Dir C:\Programme\MyWebSearch\SrchAstt\
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant esh 1
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant lsp
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant CurInstall 1
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant sr 0
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant pl 7
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant Id 5C8C18CD-E81D-4585-BFAF-27A92811268C
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant ConfigDateStamp 2006040108
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant ABS http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm482YYCH&fl=0&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&ptnrS=ZCxdm482YYCH&PG=SEASUSH&SEC=ABMANY&searchfor=
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant DES http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm482YYCH&fl=0&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=dns&ptnrS=ZCxdm482YYCH&PG=SEASUSH&SEC=DNS&searchfor=
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SearchAssistant eintl 1
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch\SkinTools PlayerPath "C:\Programme\MyWebSearch\bar\1.bin\m3SkPlay.exe"


SurfAccuracy Adware (General) more information...
Details: SurfAccuracy is an adware application that displays advertisements on the desktop and records keystrokes that are entered into certain search engines.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\Software\SAcc
HKEY_LOCAL_MACHINE\Software\SAcc accid 104
HKEY_LOCAL_MACHINE\Software\SAcc subaccid 1004174
HKEY_LOCAL_MACHINE\Software\SAcc Version 1136
HKEY_LOCAL_MACHINE\Software\SAcc InstallDate 1137588881
HKEY_LOCAL_MACHINE\Software\SAcc CfgReloadAttempts 1
HKEY_LOCAL_MACHINE\Software\SAcc CfgReload 1146517507
HKEY_LOCAL_MACHINE\Software\SAcc SAData uid:1acc7d45d48de7398a58820a3c879524-cnt:181-t:---
HKEY_LOCAL_MACHINE\Software\SAcc Counter 177
HKEY_LOCAL_MACHINE\Software\SAcc NextInvoke 1146330046
HKEY_LOCAL_MACHINE\Software\SAcc PopupFail 3


YourSiteBar Toolbar more information...
Details: YourSiteBar from IST, the makers of numerous spyware Thread, is an affiliate based marketing toolbar.
Status: Deleted

Infected registry entries detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main BandRest Never

???
Seitenanfang Seitenende
31.05.2006, 14:00
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#33 nun scannst du noch mal mit Counterspy...bis alles sauber bleibt.
dann ist wieder alles in Ordnung ;)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
01.06.2006, 12:14
Member

Themenstarter

Beiträge: 53
#34 noch einmal mit counterspy? ist das zeug noch nicht weg?
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: