JaNeK 819 Melden Teilen Geschrieben 17. September 2006 (bearbeitet) so einen virus gefunden bitte fixen O4 - HKLM\..\Run: [showwnd] showwnd.exe also häkchen setzen und fix drücken Edit: wenn du nicht weisst was dieser prozess ist : O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\PROGRA~1\FlashGet\getflash.dll auch fixen sonst sieht alles gut aus Edit 2:habe mich mal über showwnd.exe schlau gemacht...scheint ein fetter fisch zu sein auf jedenfall noch mal alles scanen.. z.b mit Ad-aware und s&d Bearbeitet 17. September 2006 von JaNeK Link zu diesem Kommentar Auf anderen Seiten teilen More sharing options...
Cyborg11 186 Melden Teilen Geschrieben 17. September 2006 so einen virus gefunden bitte fixen O4 - HKLM\..\Run: [showwnd] showwnd.exe also häkchen setzen und fix drücken Edit: wenn du nicht weisst was dieser prozess ist : O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\PROGRA~1\FlashGet\getflash.dll auch fixen sonst sieht alles gut aus Ah danke Ich hoffe, es klaptt jetzt wieder Link zu diesem Kommentar Auf anderen Seiten teilen More sharing options...
Cyborg11 186 Melden Teilen Geschrieben 17. September 2006 So hab jetzt mal mit Adaware scannen lassen und es nicht gut Und hier der Bericht: Ad-Aware SE Build 1.06r1 Logfile Created on:Sonntag, 17. September 2006 12:48:48 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R123 14.09.2006 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» H@tKeysH@@k(TAC index:5):1 total references Softomate Toolbar(TAC index:9):14 total references Tracking Cookie(TAC index:3):14 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 17.09.2006 12:48:48 - Scan started. (Full System Scan) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 356 ThreadCreationTime : 17.09.2006 07:44:16 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 412 ThreadCreationTime : 17.09.2006 07:44:23 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 436 ThreadCreationTime : 17.09.2006 07:44:23 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 480 ThreadCreationTime : 17.09.2006 07:44:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 492 ThreadCreationTime : 17.09.2006 07:44:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 660 ThreadCreationTime : 17.09.2006 07:44:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 712 ThreadCreationTime : 17.09.2006 07:44:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 752 ThreadCreationTime : 17.09.2006 07:44:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 816 ThreadCreationTime : 17.09.2006 07:44:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 852 ThreadCreationTime : 17.09.2006 07:44:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 984 ThreadCreationTime : 17.09.2006 07:44:26 BasePriority : Normal FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) ProductVersion : 5.1.2600.2696 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:12 [clcapsvc.exe] FilePath : C:\Programme\Home Cinema\PowerCinema\Kernel\TV\ ProcessID : 1100 ThreadCreationTime : 17.09.2006 07:44:34 BasePriority : Normal FileVersion : 4.05.1422 ProductVersion : 4.05.1422 ProductName : CLCapSvc Module FileDescription : CLCapSvc Module InternalName : CLCapSvc LegalCopyright : Copyright 2004 OriginalFilename : CLCapSvc.EXE #:13 [clmlserver.exe] FilePath : C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\ ProcessID : 1116 ThreadCreationTime : 17.09.2006 07:44:34 BasePriority : Normal FileVersion : 2, 1, 0, 2301 ProductVersion : 2, 1, 0, 2301 ProductName : Cyberlink Media Library Server CompanyName : Cyberlink FileDescription : NT CLMLServer InternalName : NT CLMLServer LegalCopyright : Copyright c 2004 OriginalFilename : CLMLServer.exe #:14 [inorpc.exe] FilePath : C:\Programme\CA\eTrust Antivirus\ ProcessID : 1152 ThreadCreationTime : 17.09.2006 07:44:34 BasePriority : Normal FileVersion : 7.1.194.0 ProductVersion : 7.1.194.0 ProductName : eTrust Antivirus CompanyName : Computer Associates International, Inc. InternalName : InoRpc.exe LegalCopyright : Copyright 2004 Computer Associates International, Inc. LegalTrademarks : eTrust is a trademark of Computer Associates Int'l, Inc. OriginalFilename : InoRpc.exe Comments : eTrust Antivirus English Version #:15 [inort.exe] FilePath : C:\Programme\CA\eTrust Antivirus\ ProcessID : 1184 ThreadCreationTime : 17.09.2006 07:44:34 BasePriority : Normal FileVersion : 7.1.194.0 ProductVersion : 7.1.194.0 ProductName : eTrust Antivirus CompanyName : Computer Associates International, Inc. InternalName : InoRT.dll LegalCopyright : Copyright 2004 Computer Associates International, Inc. LegalTrademarks : eTrust is a trademark of Computer Associates Int'l, Inc. OriginalFilename : InoRT.dll Comments : eTrust Antivirus English Version #:16 [inotask.exe] FilePath : C:\Programme\CA\eTrust Antivirus\ ProcessID : 1212 ThreadCreationTime : 17.09.2006 07:44:34 BasePriority : Normal FileVersion : 7.1.194.0 ProductVersion : 7.1.194.0 ProductName : eTrust Antivirus CompanyName : Computer Associates International, Inc. InternalName : InoTask.exe LegalCopyright : Copyright 2004 Computer Associates International, Inc. LegalTrademarks : eTrust is a trademark of Computer Associates Int'l, Inc. OriginalFilename : InoTask.exe Comments : eTrust Antivirus English Version #:17 [lssrvc.exe] FilePath : C:\Programme\Gemeinsame Dateien\LightScribe\ ProcessID : 1324 ThreadCreationTime : 17.09.2006 07:44:35 BasePriority : Normal FileVersion : 1.4.56.1 ProductName : LightScribe CompanyName : Hewlett-Packard Company LegalCopyright : © Copyright 2003-2005 Hewlett-Packard Development Company, LP OriginalFilename : LSSrvc.exe #:18 [mdm.exe] FilePath : C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\ ProcessID : 1412 ThreadCreationTime : 17.09.2006 07:44:35 BasePriority : Normal FileVersion : 7.00.9466 ProductVersion : 7.00.9466 ProductName : Microsoft® Visual Studio .NET CompanyName : Microsoft Corporation FileDescription : Machine Debug Manager InternalName : mdm.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : mdm.exe #:19 [nvsvc32.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1444 ThreadCreationTime : 17.09.2006 07:44:35 BasePriority : Normal FileVersion : 6.14.10.8391 ProductVersion : 6.14.10.8391 ProductName : NVIDIA Driver Helper Service, Version 83.91 CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 83.91 InternalName : NVSVC LegalCopyright : © NVIDIA Corporation. All rights reserved. OriginalFilename : nvsvc32.exe #:20 [richvideo.exe] FilePath : C:\Programme\CyberLink\Shared Files\ ProcessID : 1496 ThreadCreationTime : 17.09.2006 07:44:35 BasePriority : Normal FileVersion : 1.1.0808 ProductVersion : 1.1.0808 ProductName : RichVideo Module FileDescription : RichVideo Module InternalName : RichVideo LegalCopyright : Copyright 2004 OriginalFilename : RichVideo.EXE #:21 [wdfmgr.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1560 ThreadCreationTime : 17.09.2006 07:44:35 BasePriority : Normal FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User Mode Driver Manager InternalName : WdfMgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WdfMgr.exe #:22 [x10nets.exe] FilePath : C:\PROGRA~1\COMMON~1\X10\Common\ ProcessID : 1604 ThreadCreationTime : 17.09.2006 07:44:35 BasePriority : Realtime FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : x10 Module CompanyName : X10 FileDescription : X10 Module InternalName : x10 LegalCopyright : Copyright 1999 X10 OriginalFilename : x10.exe #:23 [clsched.exe] FilePath : C:\Programme\Home Cinema\PowerCinema\Kernel\TV\ ProcessID : 1804 ThreadCreationTime : 17.09.2006 07:44:37 BasePriority : Normal FileVersion : 4.05.1422 ProductVersion : 4.05.1422 ProductName : CLSched Module FileDescription : CLSched Module InternalName : CLSched LegalCopyright : Copyright 2004 OriginalFilename : CLSched.EXE #:24 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 104 ThreadCreationTime : 17.09.2006 07:44:39 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:25 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1992 ThreadCreationTime : 17.09.2006 07:45:00 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : EXPLORER.EXE #:26 [rthdcpl.exe] FilePath : C:\WINDOWS\ ProcessID : 2276 ThreadCreationTime : 17.09.2006 07:45:01 BasePriority : Normal FileVersion : 2.0.3.9 ProductVersion : 2.0.3.9 ProductName : Realtek HD Audio Sound Effect Manager CompanyName : Realtek Semiconductor Corp. FileDescription : Realtek HD Audio Control Panel LegalCopyright : Copyright © 2004 Realtek Semiconductor Corp. OriginalFilename : RTHDCPL.EXE #:27 [pcmservice.exe] FilePath : C:\Programme\Home Cinema\PowerCinema\ ProcessID : 2292 ThreadCreationTime : 17.09.2006 07:45:01 BasePriority : Realtime FileVersion : 4, 5, 0, 0 ProductVersion : 4, 5, 0, 0 ProductName : Cyberlink PowerCinema CompanyName : CyberLink Corp. FileDescription : CyberLink PowerCinema Resident Program InternalName : CyberLink PowerCinema Resident Program LegalCopyright : Copyright © 2005 CyberLink Corp. OriginalFilename : PCMService.exe #:28 [cmucreye.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2316 ThreadCreationTime : 17.09.2006 07:45:02 BasePriority : Normal FileVersion : 1, 0, 0, 36 ProductVersion : 1, 0, 0, 36 ProductName : CmCardMonitor Application FileDescription : CmCardMonitor MFC Application InternalName : CmCardMonitor LegalCopyright : Copyright © 2003 OriginalFilename : CmWatch.EXE #:29 [mdionlcm.exe] FilePath : C:\Programme\Medion Info Display\ ProcessID : 2324 ThreadCreationTime : 17.09.2006 07:45:02 BasePriority : Normal FileVersion : 1, 2, 0, 3 ProductVersion : 1, 27, 0, 2006 ProductName : Dritek System Inc. MdionLCM CompanyName : Dritek System Inc. FileDescription : Medion Info Display InternalName : MdionLCM LegalCopyright : Copyright© 2005-2006 OriginalFilename : MdionLCM.exe #:30 [mhotkey.exe] FilePath : C:\WINDOWS\ ProcessID : 2336 ThreadCreationTime : 17.09.2006 07:45:02 BasePriority : Normal FileVersion : 3, 0, 0, 10 ProductVersion : 3, 0, 0, 0 ProductName : Multimedia Keyboard Driver FileDescription : Multimedia Keyboard Driver InternalName : Multimedia Hotkey Driver LegalCopyright : Copyright © 2004. OriginalFilename : mHotkey.res #:31 [cnyhkey.exe] FilePath : C:\WINDOWS\ ProcessID : 2344 ThreadCreationTime : 17.09.2006 07:45:03 BasePriority : Normal FileVersion : 2, 2, 0, 2 ProductVersion : 2, 2, 0, 0 ProductName : Multimedia Driver CompanyName : Chicony FileDescription : Chicony Multimedia Keyboard Driver InternalName : Multimedia Hotkey Driver LegalCopyright : Copyright © 2005 Chicony OriginalFilename : mHotkey.res #:32 [realmon.exe] FilePath : C:\PROGRA~1\CA\ETRUST~1\ ProcessID : 2372 ThreadCreationTime : 17.09.2006 07:45:03 BasePriority : Normal FileVersion : 7.1.194.0 ProductVersion : 7.1.194.0 ProductName : eTrust Antivirus CompanyName : Computer Associates International, Inc. InternalName : Realmon.exe LegalCopyright : Copyright 2004 Computer Associates International, Inc. LegalTrademarks : eTrust is a trademark of Computer Associates Int'l, Inc. OriginalFilename : Realmon.exe Comments : eTrust Antivirus English Version #:33 [tmtmtsr.exe] FilePath : C:\Programme\Thrustmaster\Thrustmapper\ ProcessID : 2380 ThreadCreationTime : 17.09.2006 07:45:03 BasePriority : Normal FileVersion : 2.12 ProductVersion : 3.02 ProductName : Thrustmapper 3 Software Pack CompanyName : Guillemot Corporation FileDescription : Thrustmapper 3 Taskbar Utility InternalName : TMTMTSR LegalCopyright : © 2001, Thrustmaster, All Rights Reserved OriginalFilename : TMTMTSR.exe #:34 [rundll32.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2388 ThreadCreationTime : 17.09.2006 07:45:03 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Eine DLL-Datei als Anwendung ausführen InternalName : rundll LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : RUNDLL.EXE #:35 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2400 ThreadCreationTime : 17.09.2006 07:45:03 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:36 [xfire.exe] FilePath : C:\Programme\Xfire\ ProcessID : 2440 ThreadCreationTime : 17.09.2006 07:45:04 BasePriority : Normal FileVersion : 13133 ProductVersion : 13133 ProductName : Xfire CompanyName : Xfire Inc. FileDescription : Xfire InternalName : xfire LegalCopyright : Copyright 2004 Xfire Inc. OriginalFilename : xfire.exe Comments : Xfire #:37 [icqlite.exe] FilePath : C:\Programme\ICQLite\ ProcessID : 1880 ThreadCreationTime : 17.09.2006 09:20:11 BasePriority : Normal FileVersion : 20, 52, 2573, 0 ProductVersion : 20, 52, 2573, 0 ProductName : ICQLite CompanyName : ICQ Ltd. FileDescription : ICQLite InternalName : ICQ Lite LegalCopyright : Copyright © 2002 OriginalFilename : ICQLite.exe #:38 [firefox.exe] FilePath : C:\Programme\Mozilla Firefox\ ProcessID : 3032 ThreadCreationTime : 17.09.2006 10:41:58 BasePriority : Normal #:39 [ad-aware.exe] FilePath : D:\PROGRA~1\Lavasoft\AD-AWA~1\ ProcessID : 3444 ThreadCreationTime : 17.09.2006 10:48:35 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : typelib\{77d6ddfa-7834-4541-b2b3-a8b0fb0e3924} Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{7558e739-8e7c-44bb-bce7-1bf0d72b7026} Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{855f3b16-6d32-4fe6-8a56-bbb695989046} Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_USERS Object : S-1-5-21-4089814401-2921936615-2382915539-1008\software\microsoft\windows\currentversion\ext\stats\{855f3b16-6d32-4fe6-8a56-bbb695989046} Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 4 Objects found so far: 4 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 4 Softomate Toolbar Object Recognized! Type : RegValue Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\toolbar Value : {855f3b16-6d32-4fe6-8a56-bbb695989046} Softomate Toolbar Object Recognized! Type : RegValue Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_USERS Object : S-1-5-21-4089814401-2921936615-2382915539-1008\software\microsoft\internet explorer\toolbar\Webbrowser Value : {855f3b16-6d32-4fe6-8a56-bbb695989046} Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@questionmarket[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:95 Value : Cookie:matthias@questionmarket.com/ Expires : 09.09.2006 11:06:52 LastSync : Hits:95 UseCount : 0 Hits : 95 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@adserver.71i[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:matthias@adserver.71i.de/ Expires : 30.12.2037 18:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@zedo[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1854 Value : Cookie:matthias@zedo.com/ Expires : 23.04.2016 20:56:54 LastSync : Hits:1854 UseCount : 0 Hits : 1854 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@mediaplex[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:14 Value : Cookie:matthias@mediaplex.com/ Expires : 22.06.2009 02:00:00 LastSync : Hits:14 UseCount : 0 Hits : 14 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@weborama[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:matthias@weborama.fr/ Expires : 07.07.2008 13:09:36 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@rambler[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:205 Value : Cookie:matthias@rambler.ru/ Expires : 01.01.2008 02:00:00 LastSync : Hits:205 UseCount : 0 Hits : 205 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@advertising[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:10 Value : Cookie:matthias@advertising.com/ Expires : 31.07.2011 16:35:06 LastSync : Hits:10 UseCount : 0 Hits : 10 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@doubleclick[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:88 Value : Cookie:matthias@doubleclick.net/ Expires : 01.05.2009 18:30:28 LastSync : Hits:88 UseCount : 0 Hits : 88 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@2o7[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:652 Value : Cookie:matthias@2o7.net/ Expires : 16.09.2011 11:21:44 LastSync : Hits:652 UseCount : 0 Hits : 652 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@statse.webtrendslive[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:matthias@statse.webtrendslive.com/ Expires : 13.05.2016 19:40:58 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@as1.falkag[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:36 Value : Cookie:matthias@as1.falkag.de/ Expires : 19.09.2006 10:29:24 LastSync : Hits:36 UseCount : 0 Hits : 36 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:39 Value : Cookie:matthias@atdmt.com/ Expires : 15.05.2011 02:00:00 LastSync : Hits:39 UseCount : 0 Hits : 39 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@serving-sys[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:14 Value : Cookie:matthias@serving-sys.com/ Expires : 01.01.2038 LastSync : Hits:14 UseCount : 0 Hits : 14 Tracking Cookie Object Recognized! Type : IECache Entry Data : matthias@adtech[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:matthias@adtech.de/ Expires : 18.08.2016 11:28:52 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 14 Objects found so far: 20 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» H@tKeysH@@k Object Recognized! Type : File Data : H@tKeysH@@k.DLL TAC Rating : 5 Category : Data Miner Comment : Object : C:\WINDOWS\system32\ Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 21 Deep scanning and examining files (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 21 Deep scanning and examining files (E:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for E:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 21 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 21 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : toolbaricqtoolbar.icqtoolbarobject.1 Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : toolbaricqtoolbar.icqtoolbarobject Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : icq.ietoolbar.1 Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : icq.ietoolbar Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\icqtoolbar Softomate Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\uninstall\toolbaricqtoolbar.icqtoolbarobjectietoolbar Softomate Toolbar Object Recognized! Type : RegValue Data : TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\uninstall\toolbaricqtoolbar.icqtoolbarobjectietoolbar Value : UninstallString Softomate Toolbar Object Recognized! Type : RegData Data : 0 TAC Rating : 9 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\internet explorer\main\featurecontrol\feature_localmachine_lockdown Value : iexplore.exe Data : 0 Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 8 Objects found so far: 29 13:26:37 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:37:49.46 Objects scanned:359775 Objects identified:29 Objects ignored:0 New critical objects:29 Link zu diesem Kommentar Auf anderen Seiten teilen More sharing options...
JaNeK 819 Melden Teilen Geschrieben 17. September 2006 (bearbeitet) wohooo müsste aber alles entfernt worden sein..check nochmal..diesmal nur c! Bearbeitet 17. September 2006 von JaNeK Link zu diesem Kommentar Auf anderen Seiten teilen More sharing options...
private jackson 94 Melden Teilen Geschrieben 17. September 2006 Hi. Lass mal Ewido drüber laufen. Der entfernt die meisten Virus. Ewido Hatte letzte Woche auch einen Virus drauf.Habe den Virus durch MSN bekommen.Bin mit Ewido und Antivir drüber. Die haben es gefunden und gelöscht. Habe auch ein Windows Update gemacht. Nun geht wieder alles. Link zu diesem Kommentar Auf anderen Seiten teilen More sharing options...
-=Sarlon=- 516 Melden Teilen Geschrieben 19. September 2006 (bearbeitet) PrevX1 hat mich auch gehelft, als PC nix mehr getut €: Wenn nix wissen, was zu tun guggn du hier Bearbeitet 19. September 2006 von -=Sarlon=- Link zu diesem Kommentar Auf anderen Seiten teilen More sharing options...
Cyborg11 186 Melden Teilen Geschrieben 19. September 2006 Mein Virus ist schon weg, danke Leute Link zu diesem Kommentar Auf anderen Seiten teilen More sharing options...