AntiVir error message vtstr.exe

#0
17.01.2008, 11:06
Honorary member
Posts: 1441

18.01.2008, 15:34
...new here
Thread starter, Posts: 9
#17
Hello Pinguin,
here is the scan report.
Best regards, jb1957

Scan History Details
Start Date: 2008-01-17 16:43:40
End Date: 2008-01-17 19:06:48
Total Time: 143 Min 8 Sec

Detected security risks

BearShare - P2P Program
Details: BearShare is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Deleted
Registry entries detected
  HKEY_LOCAL_MACHINE\SOFTWARE\BEARSHARE
  HKEY_LOCAL_MACHINE\Software\Classes\GNUFILE
  HKEY_LOCAL_MACHINE\Software\Classes\GNUFILE\shell
  HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{5F95E1AF-2620-4F15-BDF9-7FDCE4607E17}

Morpheus - P2P Program
Details: P2P file sharing program that installs a number of adware programs. Morpheus also displays its own popup advertsing.
Status: Deleted
Registry entries detected
  HKEY_LOCAL_MACHINE\Software\Classes\MORPHTORRENT
  HKEY_LOCAL_MACHINE\Software\Classes\MORPHTORRENT\shell

WhenU.Save - Adware (General)
Details: WhenU.SaveNow is an adware application that displays pop-up advertising on the desktop in response to users' web browsing.
Status: Deleted
Files detected
  C:\Dokumente und Einstellungen\Spiele\Lokale Einstellungen\Temp\TMP146.tmp
  C:\QooBox\Quarantine\C\Programme\Save\ACM.dll.vir
  C:\QooBox\Quarantine\C\Programme\Save\ffext.mod.vir
  C:\QooBox\Quarantine\C\Programme\Save\SaveNowupdate.exe.vir
Registry entries detected
  HKEY_LOCAL_MACHINE\SOFTWARE\WHENUSAVE
  HKEY_LOCAL_MACHINE\SOFTWARE\WHENUSAVE\Partners
  HKEY_LOCAL_MACHINE\SOFTWARE\WHENUSAVE\Partners\WUSV

Give4Free - Browser Plug-in
Status: Deleted
Files detected
  C:\PROGRAMME\GIVE4FREE PLUGIN\data
  c:\programme\give4free plugin\ibho.dll
  C:\PROGRAMME\GIVE4FREE PLUGIN\uninstall.exe
  C:\PROGRAMME\GIVE4FREE PLUGIN
Registry entries detected
  HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{208E7E77-507A-4649-B0C9-D39E9049C7A2}
  HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{208E7E77-507A-4649-B0C9-D39E9049C7A2}\Implemented Categories
  HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{208E7E77-507A-4649-B0C9-D39E9049C7A2}\Implemented Categories\{00021494-0000-0000-C000-000000000046}
  HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{208E7E77-507A-4649-B0C9-D39E9049C7A2}\InProcServer32
  HKEY_LOCAL_MACHINE\SOFTWARE\GIVE4FREE PLUGIN
  HKEY_LOCAL_MACHINE\SOFTWARE\GIVE4FREE PLUGIN\files
  HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{208E7E77-507A-4649-B0C9-D39E9049C7A2}
  HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GIVE4FREE PLUGIN

Bifrost - Backdoor
Details: Bifrost is an advanced remote administration tool that allows users to remotely control computers that are behind firewalls and routers.
Status: Deleted
Registry entries detected
  HKEY_USERS\.DEFAULT\SOFTWARE\WGET
  HKEY_USERS\S-1-5-18\SOFTWARE\WGET

WhenU.VVSN - Adware Downloader
Details: WhenU.VVSN is an installer application for many WhenU products, including WhenU.Save!, WhenU.Weathercast, WhenUSearch, and WhenU.ClockSync.
Status: Deleted
Files detected
  C:\Dokumente und Einstellungen\Spiele\Lokale Einstellungen\Temp\VVSNInst.exe

Trojan.HideWindow - Trojan
Status: Deleted
Files detected
  C:\WINDOWS\system32\cmdow.exe

Backdoor.Rbot - Backdoor
Details: Rbot is the name of a family of backdoor trojans, also known as worms, used by hackers to control a machine without the owner's knowledge.
Status: Deleted
Files detected
  C:\Programme\Valve\platform\steam_dev.exe

Adware.Agent.gen - Adware (General)
Status: Deleted
Files detected
  C:\QooBox\Quarantine\C\Programme\IntelligentAdvisor\IntelligentAdvisor-2.dll.vir

Cookie: Tracking Cookies - Cookie (General)
Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
Status: Deleted
Cookies detected
  c:\dokumente und einstellungen\spiele\cookies\spiele@2o7[1].txt
  c:\dokumente und einstellungen\spiele\cookies\spiele@doubleclick[1].txt

Adware.IntelligentAdvisor - Browser Plug-in
Details: Adware.IntelligentAdvisor is an adware program that creates a BHO (browser helper object) on the user's machine and displays pop-up advertising on the desktop. Adware.IntelligentAdvisor reportedly has been stealth installed.
Status: Deleted
Registry entries detected
  HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\INTELLIGENTADVISOR

Dcads Toolbar is a fake toolbar that demonstrates spyware tendencies.... IntelligentAdvisor isn't kosher either, and neither is Save ... so: get rid of the junk!!!
HijackThis
Close all windows and start HijackThis
Click: Do a system scan only
Put a check mark in the box in front of the named entry (if it is still present....)
and choose fix checked + restart the computer.
Quote
Combofix: create a txt file again + drag it onto Combofix again - run Combofix again - type 1
Quote
«« scan with CounterSpy (free for 2 weeks) - post the scan report here
http://www.virus-protect.org/counterspy1.html
__________
Regards
Pinguin
I'm in the process of updating my site + programs: http://www.virus-protect.org/