softomate toolbar (ad-aware se)
Topic is closed!

#0
17.09.2006, 21:01
...new here
Posts: 2

17.09.2006, 21:11
Member
Posts: 130

17.09.2006, 21:30
...new here
Thread starter
Posts: 2
#3
Should I paste the text into this thread for you?
How would that help you? Otherwise, thanks a lot in advance for your answer. Regards, julian2003

17.09.2006, 21:48
Honorary member
Posts: 29434
#4
Post all the logs from the link here; if it wouldn't help, we wouldn't ask for it.
__________
Regards, Sabina
all about PC security

22.10.2006, 11:28
Member
Posts: 28
#5
Hello,
since I have the same problem with this toolbar, I'm joining in here.
I followed exactly the sequence described here:
Quote: Terementor posted
After the test with Ad-Aware, this softomate toolbar is still being found??

22.10.2006, 12:00
Honorary member
Posts: 29434
#6
amerdi
Copy the following text into Notepad (Start - Accessories - Notepad) and save it on the desktop as listen.bat using 'Save as'. For the file type, select 'All files'. You should now find this file on the desktop.
--> double-click listen.bat
--> copy the text that appears
Quote:
cd\
__________
Regards, Sabina
all about PC security

22.10.2006, 12:24
Member
Posts: 28
#7
Hello Sabina,
thank you very much for your help. Here is the text:

 Datenträger in Laufwerk C: ist SYSTEM
 Volumeseriennummer: D00A-9291

 Verzeichnis von C:\Windows\System32\Com

30.10.2005  22:59    <DIR>          .
30.10.2005  22:59    <DIR>          ..
26.07.2005  06:39           195.072 comadmin.dll
18.08.2001  14:00            61.440 comempty.dat
18.08.2001  14:00            77.348 comexp.msc
04.08.2004  01:57             9.728 comrepl.exe
18.08.2001  14:00             5.120 comrereg.exe
18.08.2001  14:00            19.456 mtsadmin.tlb
               6 Datei(en)        368.164 Bytes
               2 Verzeichnis(se),  3.692.875.776 Bytes frei

 Datenträger in Laufwerk C: ist SYSTEM
 Volumeseriennummer: D00A-9291

edit (Sabina)

22.10.2006, 12:31
Honorary member
Posts: 29434
#8
amerdi
Avenger http://virus-protect.org/artikel/tools/avenger.html
Paste in:
Quote:
Folders to delete:
Click the green traffic light; the script will now be executed, then the PC will restart automatically.
** Scan and post the scan report http://virus-protect.org/counterspy.html
__________
Regards, Sabina
all about PC security

22.10.2006, 12:42
Member
Posts: 28
#9
That didn't work:

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Fatal error: could not create new script file. Error code: 0
Error logged to errorlog.txt. Aborting now!

22.10.2006, 12:46
Honorary member
Posts: 29434
#10
No problem... if you restarted anyway... scan with CounterSpy and report back.
__________
Regards, Sabina
all about PC security

22.10.2006, 14:19
Member
Posts: 28
#11
So, found all sorts of things:
Spyware Scan Details
Start Date: 22.10.2006 13:12:01
End Date: 22.10.2006 14:16:49
Total Time: 1 hrs 4 mins 48 secs

Detected spyware

AntiLeech Plugin
Adware (General)
Details: Plugin is an Ad-Ware software which enables the broadcasting of advertisements, and execution of e-commerce and other internet related services on the user-interface of the software.
Status: Ignored
Infected files detected
  c:\programme\anti-leech\alie_1.0.1.6\al2np.dll
  c:\programme\anti-leech\alie_1.0.1.6\alhlp.exe
  c:\programme\anti-leech\alie_1.0.1.6\alie.dll
  c:\programme\anti-leech\alie_1.0.1.6\alie.inf
  c:\programme\anti-leech\alie_1.0.1.6\iesetup2.exe

Overnet
Adware Bundler
Details: Overnet/eDonkey is a file sharing application that bundles third party adware and spyware with the free version.
Status: Ignored
Infected files detected
  c:\dokumente und einstellungen\internet\anwendungsdaten\microsoft\internet explorer\quick launch\overnet.lnk
  D:\Programme\Overnet\Plugins\ed2kie.dll
  D:\Programme\Overnet\Plugins\launchmyapp.dll

Trojan Horse
Trojan
Status: Ignored
Infected files detected
  c:\windows\system32\syspr.prx

Regfreeze
Rogue Security Program
Details: Regfreeze is a program that purports to scan for and repair errors in the Windows registy.
Status: Ignored
Infected files detected
  c:\windows\downloaded program files\rfscanax.inf
  c:\windows\downloaded program files\rfscanax.dll

CoolWebSearch.CameUp
Hijacker
Details: CoolWebSearch.CameUp is an adware application that hijacks the user's Internet Explorers start page, and prevents the user from changing the URL back to their preferred homepage.
Status: Ignored
Infected registry entries detected
  HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main Search Bar_bak
  HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main Search Page_bak
  HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main Start Page_bak

My Way Speedbar
Potentially Unwanted Program
Details: MyWay Speedbar is a search toolbar that installs into Internet Explorer and Netscape Navigator, adding search functions and popup blocking.
Status: Ignored
Infected registry entries detected
  HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
  HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs {A9571378-68A1-443d-B082-284F960C6D17}
  HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}

eDonkey2000
P2P Program
Details: eDonkey2000 is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Ignored
Infected files detected
  d:\programme\overnet\plugins\ed2kie.dll

MyWebSearch Toolbar
Potentially Unwanted Program
Details: MyWebSearch Toolbar is a customizable Internet Explorer search toolbar with various other tools.
Status: Ignored
HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchPopupMenu HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} IMyWebSearchSkinWindow HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} IHttpControl HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} IHttpControlEvents HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel\CLSID {3E720452-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel\CurVer MyWebSearch.HTMLPanel.1 HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel MyWebSearch HTML Panel HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CLSID 
{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin\CurVer MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1\CLSID {7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 MyWebSearch Pseudo Transparent Plugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin\CLSID {53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin\CurVer MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1\CLSID {53CED2D0-5E9A-4761-9005-648404E6F7E5} HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 MyWebSearch Toolbar Plugin HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1\CLSID {3E720452-B472-4954-B7AA-33069EB53906} HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 MyWebSearch HTML Panel WhenU.WeatherCast Low Risk Adware more information... Details: WeatherCast is an ad supported desktop weather program that that puts an icon in the system tray displaying the local temperature. It also offers current weather data and forecasts. Weathercast is often bundled with the Save advertising program and/or th Status: Ignored Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WeatherCast HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WeatherCast SlowInfoCache HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WeatherCast Changed 0 GirlFriend RAT more information... 
Status: Ignored Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\General Cookie: ABetterInternet.Aurora Cookie Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count Status: Ignored Infected cookies detected c:\dokumente und einstellungen\internet\cookies\internet@a[2].txt Cookie: CGI-Bin Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count Status: Ignored Infected cookies detected c:\dokumente und einstellungen\internet\cookies\internet@cgi-bin[2].txt Cookie: Com.com Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count Status: Ignored Infected cookies detected c:\dokumente und einstellungen\internet\cookies\internet@com[1].txt Cookie: IndexTools.com Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count Status: Ignored Infected cookies detected c:\dokumente und einstellungen\internet\cookies\internet@indextools[2].txt Cookie: Ajan 1.0 Cookie (General) more information... Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. 
Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count Status: Ignored Infected cookies detected c:\dokumente und einstellungen\internet\cookies\internet@xiti[1].txt wie gehts weiter? :-) |
|
|
||
22.10.2006, 15:18
Honorary member
Posts: 29434 |
#12
Scan again - set everything to "remove" and thereby delete it (then post that report).
__________ Regards, Sabina, all about PC security |
|
|
||
22.10.2006, 17:01
Member
Posts: 28 |
#13
Well, I didn't find a report, but after the run everything was clean.
But Ad-Aware still finds this toolbar?? |
|
|
||
22.10.2006, 17:07
Honorary member
Posts: 29434 |
#14
You had left everything at Status: Ignored - I hope that has been taken care of now...
«« post the scan report from Ad-Aware __________ Regards, Sabina, all about PC security |
|
|
||
22.10.2006, 17:36
Member
Posts: 28 |
#15
No, I had set everything to "remove", then ran it again and then everything was clean, but with Ad-Aware this toolbar is still there??
|
|
|
||
Ad-Aware found "softomate toolbar" on my machine today as a critical object.
Of course I deleted it right away.
But right after another scan the object was back.
So my question is whether anyone has experience with how I can get this softomate toolbar off my PC for good.
Oh, and....before anyone points it out....I did google it, and there is a lot to be found about this toolbar, but I haven't found anything yet that could really help me.
Regards, julian