AntiSpywareApp

AntiSpywareApp - antispyware.sys

a-squared Anti-Malware

HijackThis

O4 - HKCU\..\Run: [AntiSpyware] C:\Programme\AntiSpywareApp\Antispyware.exe -boot

Combofix 
KILLALL::

Driver::
antispyware

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A911338-CC01-11DB-9705-005056C00008}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\28385C960CFAFE04B96F4F045CB2D183]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\
Antispywar_B95596C82495334D92E4A7C6DDCCEF6AA6E672E4]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Programme\AntiSpywareApp"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{69C58382-AFC0-40EF-9BF6-F440C52B1D38}]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ANTISPYWARE]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\antispyware]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ANTISPYWARE]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\antispyware]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ANTISPYWARE]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\antispyware]
[-HKEY_CURRENT_USER\Software\Antispyware]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\
Programs\AntiSpyware]

File::
C:\WINDOWS\Tasks\Antispyware Scheduled Scan.job
C:\WINDOWS\system32\drivers\antispyware.sys

Folder::
C:\Dokumente und Einstellungen\%Username%\Anwendungsdaten\Antispyware
C:\Programme\AntiSpywareApp
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AntiSpyware

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\\Programme\\AntiSpywareApp\\"=""
"C:\\Programme\\AntiSpywareApp\\FilterDrv\\"=""
"C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\AntiSpyware\\"=""
Combofix

2008-04-24 09:45 --------- d-----w C:\Users\%Username%\AppData\Roaming\Antispyware
2008-04-24 09:39 --------- d-----w C:\Users\Administrator\AppData\Roaming\Antispyware

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))

C:\Windows\17PHolmes1535.exe
C:\Windows\system32\aunjekno.dll
C:\Windows\system32\awttqopq.dll
C:\Windows\System32\cxgssnyp.ini
C:\Windows\system32\dqcuqora.dll

----------

File::
C:\Windows\Tasks\Antispyware Scheduled Scan.job

Folder::
C:\Program Files\AntiSpywareApp
C:\Users\%Username%\AppData\Roaming\Antispyware
C:\Users\Administrator\AppData\Roaming\Antispyware



virus-protect.org
startseite Valid HTML 4.01 Ranking-Hits antispam