Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Anti Spy Check

Anti Spy Check


Plagegeister aller Art und deren Bekämpfung: Anti Spy Check

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.08.2008, 19:22   #1
dori78
 
Anti Spy Check - Standard

Anti Spy Check


Hallo,
Ich habe ein Problem.
Vorhin als ich mir ein Video anschauen wollte, habe ich mir dummerweise eine Datei runtergeladen wo ein Virus drauf war.
Ich habe auch schonmal zu dem Problem etwas gegooglet und habe herausgefunden, dass ich das Programm "Anti Spy Check" auf meinem PC habe.
Nach kurzer Zeit habe ich dann das Programm SpyHunter installiert um den Virus loszuwerden. Also habe ich erstmal alles durchsucht und auch Viren gefunden.
Dann habe ich aber, meiner Meinung nach einen entscheidenen Fehler gemacht:
1.Ich habe den Scan von SpyHunter gestoppt, obwohl dieser noch nicht fertig war.
2.Dann habe ich die Dateien, die gefunden wurden, mit Häckchen versehen.
3.Zu guter letzt habe ich mit dem recht Klick, irgendtwas gemacht was aber nicht gut gewesen sein kann.
Eigentlich dachte ich damit lösche ich die Dateien indem ich rechtklick und dann auf die Anweisung klicke. Dies scheint aber nicht der Fall gewesen zu sein, denn AntiSpyCheck ist immernoch auf meinem PC.
Wenn ich jetzt aber mit SpyHunter alles durchsuche finde ich keine Viren mehr, was nun?
Danke für alle Bemühungen.

Gruß Dorian

PS: Ich hoffe, ich habe mich nicht zu unverständlich ausgedrückt.

Alt 22.08.2008, 19:51   #2
myrtille
/// TB-Ausbilder
 
Anti Spy Check - Standard

Anti Spy Check


Hi,

Welches Betriebssystem nutzt du denn?

lg myrtille
__________________

__________________
Alt 22.08.2008, 19:54   #3
dori78
 
Anti Spy Check - Standard

Anti Spy Check


Windows XP.

Gruß Dorian
__________________
Alt 22.08.2008, 19:56   #4
myrtille
/// TB-Ausbilder
 
Anti Spy Check - Standard

Anti Spy Check


Hi,

lade dir bitte mal Malwarebytes herunter und führe es aus. Lass alle Funde löschen und poste das Log hier.

Erstelll bitte auch ein Log mit HijackThis und poste es ebenfalls hier.

lg myrtille
__________________
Anfragen per Email, Profil- oder privater Nachricht werden ignoriert!
Hilfe gibts NUR im Forum!

Wer nach 24 Stunden keine weitere Antwort von mir bekommen hat, schickt bitte eine PM

Spelling mistakes? Never, but keybaord malfunctions constantly!
Alt 22.08.2008, 22:31   #5
dori78
 
Anti Spy Check - Standard

Anti Spy Check


Mit Hijackthis

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:19:09, on 22.08.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\T-DSL SpeedManager\SpeedMgr.exe
D:\Java\jre1.6.0_03\bin\jusched.exe
D:\BitDefender\BitDefender 2008\bdagent.exe
D:\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
D:\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Labtec\Desktop\6.0\KbdAp32A.exe
D:\Labtec\Desktop\6.0\MOffice.exe
C:\WINDOWS\system32\ctfmon.exe
D:\ICQ6\ICQ.exe
D:\Labtec\Desktop\6.0\Mouse32V.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\CapabilityManager.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe
D:\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe
D:\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
D:\T-DSL SpeedManager\tsmsvc.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Besitzer\Desktop\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.com]Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157]MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157]MSN.com
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQTOO~1\toolbaru.dll
O1 - Hosts: 80.239.151.231 db1.rapidshare.com
O1 - Hosts: 80.239.151.232 db2.rapidshare.com
O1 - Hosts: 80.239.151.233 db3.rapidshare.com
O1 - Hosts: 80.239.151.234 db4.rapidshare.com
O1 - Hosts: 80.239.151.235 db5.rapidshare.com
O1 - Hosts: 80.239.151.253 games.rapidshare.com
O1 - Hosts: 80.239.151.251 images.rapidshare.com
O1 - Hosts: 80.239.151.240 images2.rapidshare.com
O1 - Hosts: 82.129.39.245 kvm1.rapidshare.com
O1 - Hosts: 82.129.39.246 kvm2.rapidshare.com
O1 - Hosts: 82.129.39.247 kvm3.rapidshare.com
O1 - Hosts: 82.129.39.248 kvm4.rapidshare.com
O1 - Hosts: 82.129.39.249 kvm5.rapidshare.com
O1 - Hosts: 80.239.151.250 mail.rapidshare.com
O1 - Hosts: 80.239.151.250 ns1.rapidshare.com
O1 - Hosts: 80.239.151.234 ns2.rapidshare.com
O1 - Hosts: 80.239.151.250 pay.rapidshare.com
O1 - Hosts: 80.239.151.240 rem1.rapidshare.com
O1 - Hosts: 82.129.39.2 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.3 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.4 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.5 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.6 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.7 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.8 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.9 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.10 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.11 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.12 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.13 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.14 rs0cg.rapidshare.com
O1 - Hosts: 82.129.39.15 rs0cg.rapidshare.com
O1 - Hosts: 82.129.35.2 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.3 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.4 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.5 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.6 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.7 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.8 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.9 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.10 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.11 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.12 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.13 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.14 rs0cg2.rapidshare.com
O1 - Hosts: 82.129.35.15 rs0cg2.rapidshare.com
O1 - Hosts: 80.152.62.2 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.3 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.4 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.5 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.6 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.7 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.8 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.9 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.10 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.11 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.12 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.13 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.14 rs0dt.rapidshare.com
O1 - Hosts: 80.152.62.15 rs0dt.rapidshare.com
O1 - Hosts: 64.215.245.2 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.3 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.4 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.5 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.6 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.7 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.8 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.9 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.10 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.11 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.12 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.13 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.14 rs0gc.rapidshare.com
O1 - Hosts: 64.215.245.15 rs0gc.rapidshare.com
O1 - Hosts: 207.138.168.2 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.3 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.4 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.5 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.6 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.7 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.8 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.9 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.10 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.11 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.12 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.13 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.14 rs0gc2.rapidshare.com
O1 - Hosts: 207.138.168.15 rs0gc2.rapidshare.com
O1 - Hosts: 80.239.151.2 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.3 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.4 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.5 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.6 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.7 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.8 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.9 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.10 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.11 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.12 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.13 rs0l3.rapidshare.com
O1 - Hosts: 80.239.151.14 rs0l3.rapidshare.com
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - D:\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQTOO~1\toolbaru.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "D:\T-DSL SpeedManager\SpeedMgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "D:\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SpyHunter Security Suite] D:\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [swg] D:\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "D:\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized
O4 - HKCU\..\Run: [LWBKEYBOARD] "D:\Labtec\Desktop\6.0\KbdAp32A.exe"
O4 - HKCU\..\Run: [LWBMOUSE] "D:\Labtec\Desktop\6.0\MOffice.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "D:\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://D:\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1190879313125
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - D:\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - D:\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Programme\Gemeinsame Dateien\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 12113 bytes


Alt 22.08.2008, 22:33   #6
dori78
 
Anti Spy Check - Standard

Anti Spy Check


Mit MalwareBytes

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.25
Datenbank Version: 1077
Windows 5.1.2600 Service Pack 2

23:06:52 22.08.2008
mbam-log-08-22-2008 (23-06-52).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 115606
Laufzeit: 2 hour(s), 3 minute(s), 27 second(s)

Infizierte Speicherprozesse: 3
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 27
Infizierte Registrierungswerte: 22
Infizierte Dateiobjekte der Registrierung: 14
Infizierte Verzeichnisse: 1
Infizierte Dateien: 21

Infizierte Speicherprozesse:
C:\WINDOWS\system32\ubpr01.exe (Trojan.Zlob) -> Unloaded process successfully.
D:\Applications\iebtm.exe (Trojan.Zlob) -> Unloaded process successfully.
D:\Applications\iebtmm.exe (Trojan.Zlob) -> Unloaded process successfully.

Infizierte Speichermodule:
C:\WINDOWS\system32\kcekz.dll (Trojan.Zlob) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{8dc71747-ace0-40c1-8947-54f107d0639b} (Trojan.Zlob.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spywarning.warningbho (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\spywarning.warningbho.1 (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f58ff278-2198-403b-9170-c95022a194c6} (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D2608046-DD09-A225-01BF-70C1EDD8B2E8} (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226} (Rogue.PestPatrol) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7b7a5443-2586-4118-804c-cb4a90a00524} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b7a5443-2586-4118-804c-cb4a90a00524} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f58ff278-2198-403b-9170-c95022a194c6} (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\x123.x123mgr (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\x123.x123mgr.1 (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ASpyC (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3bebf2fe-7248-40e2-9752-8163eb6c4038} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0bd44ab1-76a7-4e05-92f4-4b065fe72bd6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0bd44ab1-76a7-4e05-92f4-4b065fe72bd6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Web Technologies (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{8dc71747-ace0-40c1-8947-54f107d0639b} (Trojan.Zlob.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wblogon (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3bebf2fe-7248-40e2-9752-8163eb6c4038} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3bebf2fe-7248-40e2-9752-8163eb6c4038} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\start (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\searchassistant (Trojan.Zlob) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\searchassistant (Trojan.Zlob) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\search page (Trojan.Zlob) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\search bar (Trojan.Zlob) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\default_search_url (Trojan.Zlob) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\searchurl (Trojan.Zlob) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\default_search_url (Trojan.Zlob) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\search page (Trojan.Zlob) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\search bar (Trojan.Zlob) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\searchmigrateddefaulturl (Trojan.Zlob) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\searchurl (Trojan.Zlob) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Hijack.Search) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\w\ (Hijack.Search) -> Bad: (http://internetsearchservice.com/search?q=%s) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURL (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.Search) -> Bad: (http://internetsearchservice.com/ie6.html) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.Search) -> Bad: (http://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.Search) -> Bad: (http://internetsearchservice.com/ie6.html) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Hijack.Search) -> Bad: (http://internetsearchservice.com/search?q={searchTerms}) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.Search) -> Bad: (http://internetsearchservice.com) Good: (http://www.google.com/) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
D:\ASpyC (Rogue.AntiSpyCheck) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\WINDOWS\system32\kcekz.dll (Trojan.Zlob.H) -> Delete on reboot.
C:\WINDOWS\system32\276177\276177.dll (Trojan.BHO) -> Quarantined and deleted successfully.
D:\ASpyC\ASpyC.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{4B833A91-69EF-43F6-B636-40BCB2F1E800}\RP243\A0052370.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ubpr01.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Antivirus Scan.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Online Spyware Test.url (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\iebr.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\iebt.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\iebtm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\iebtmm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\iebtu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\iebu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\myd.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\mym.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\myp.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\myv.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
D:\Applications\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Temp\tes1.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Besitzer\Favoriten\Antivirus Scan.url (Rogue.Link) -> Quarantined and deleted successfully.

Antwort

Themen zu Anti Spy Check
anschauen, anti, anweisung, check, datei, dateien, fehler, fertig, gestoppt, guter, hoffe, immernoch, installiert, keine viren, klick, kurzer, letzt, meinung, programm, recht, scan, schonmal, spy, video, viren, virus


« [Trojan.DNSChanger] // Bekomme ihn nicht weg! | Gegenmittel zu TR/Vundo.gen »


Ähnliche Themen: Anti Spy Check


  1. Verständnis Frage; Malwarebytes Anti-Malware vs. Malwarebytes Anti-Rootkit
    Antiviren-, Firewall- und andere Schutzprogramme - 21.12.2014 (3)
  2. PC Check
    Log-Analyse und Auswertung - 22.06.2014 (27)
  3. S.M.A.R.T Check
    Log-Analyse und Auswertung - 12.05.2012 (5)
  4. Anti Virus Anti Spyware 2011 - Nach der Anleitung von AdminBot / DaGuRu gelöscht
    Log-Analyse und Auswertung - 03.04.2011 (1)
  5. PC check ok?
    Log-Analyse und Auswertung - 26.01.2010 (1)
  6. Anti Spy Check 2.1 Problem
    Log-Analyse und Auswertung - 05.09.2008 (6)
  7. Wie entferne ich Anti Spy Check vom Rechner ??
    Plagegeister aller Art und deren Bekämpfung - 27.08.2008 (13)
  8. anti spy check- virus- 1000e pop ups
    Plagegeister aller Art und deren Bekämpfung - 02.08.2008 (1)
  9. check this out yo
    Log-Analyse und Auswertung - 12.10.2007 (3)
  10. Viren Check
    Mülltonne - 11.08.2007 (2)
  11. May u check me plz?!
    Log-Analyse und Auswertung - 28.06.2007 (1)
  12. Bitte Um Hjt Check
    Mülltonne - 06.11.2006 (1)
  13. HJT-Log>>Please check!
    Log-Analyse und Auswertung - 09.04.2006 (2)
  14. check
    Mülltonne - 08.03.2006 (1)
  15. pls check!
    Log-Analyse und Auswertung - 07.03.2005 (9)
  16. Hjt log check
    Log-Analyse und Auswertung - 27.01.2005 (1)
  17. Bitte um Log Check
    Log-Analyse und Auswertung - 16.01.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Anti Spy Check - Hallo, Ich habe ein Problem. Vorhin als ich mir ein Video anschauen wollte, habe ich mir dummerweise eine Datei runtergeladen wo ein Virus drauf war. Ich habe auch schonmal zu - Anti Spy Check...
Archiv
Du betrachtest: Anti Spy Check auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27