Trojan.Win32.Crypt - Internet Optimizer - Power Scan
Lade aproposfix herunter:
http://swandog46.geekstogo.com/aproposfix.exe
Entpacke es am besten auf dem Desktop oder in einem anderen Ordner.
Dann starte den PC im abgesicherten Modus und führe die runthis.bat aus,
die sich im aproposfix-Ordner befindet.
Danach den PC wieder normal starten.
Trojan.Win32.Crypt,SideFind,Power Scan,SurfAccuracy,YourSiteBar,ISTsvc
Pop-Up von "Integrated Search Technologies"
C:\ddnctgg.exe
C:\WINDOWS\SYSTEM\unaompat.exe
C:\WINDOWS\SYSTEM\vbsthunk.exe
C:\Program Files\Aprps\ace.dll
C:\Program Files\Aprps\AI_03-12-2005.log
C:\Program Files\Aprps\atl.dll
C:\Program Files\Aprps\CxtPls.dll
C:\Program Files\Aprps\CxtPls.exe
C:\Program Files\Aprps\data.bin
C:\Program Files\Aprps\libexpat.dll
C:\Program Files\Aprps\ProxyStub.dll
C:\Program Files\Aprps\uninstaller.exe
C:\Program Files\Aprps\WinGenerics.dll
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\Program Files\AutoUpdate\libexpat.dll
C:\Program Files\Internet Optimizer\Conf\Browser Helper\cf1.dat
C:\Program Files\Internet Optimizer\Conf\Browser Helper\cf1_raw.dat
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Power Scan\powerscan.exe
C:\Program Files\Power Scan\uninstall.exe
C:\Program Files\SideFind\sfbho.dll
C:\Program Files\SideFind\sfexd001
C:\Program Files\SideFind\sidefind.dll
C:\Program Files\SideFind\update\sidefind.exe
C:\Program Files\SurfAccuracy\ide21201.vxd
C:\Program Files\SurfAccuracy\License.lnk
C:\Program Files\SurfAccuracy\SAcc.cfg
C:\Program Files\SurfAccuracy\SAcc.exe
C:\Program Files\SurfAccuracy\SAccU.exe
C:\Program Files\YourSiteBar\imagemap_normal.bmp
C:\Program Files\YourSiteBar\version.txt
C:\Program Files\YourSiteBar\yoursitebar.xml
C:\Program Files\YourSiteBar\ysb.dll
C:\WINDOWS\Downloaded Program Files\istactivex.dll
C:\WINDOWS\Downloaded Program Files\ysbactivex.dll
C:\WINDOWS\History\History.IE5\MSHist012005120320051204\index.dat
C:\WINDOWS\nem220.dll
C:\WINDOWS\Start Menu\Programma's\Power Scan\Power Scan.lnk
C:\WINDOWS\SYSTEM\auto_update_uninstall.exe
C:\WINDOWS\SYSTEM\auto_update_uninstall.log
datfindbat
C:\
DDNCTGG EXE 10.240 03-12-05 15:48 ddnctgg.exe
23990098 $$$ 402 03-12-05 2:45 23990098.$$$
C:\WINDOWS
NEM220 DLL 36.608 03-12-05 15:49 nem220.dll
HOSTS 686 02-12-05 1:26 HOSTS
WININIT BAK 334 03-12-05 15:50 WININIT.BAK
C:\WINDOWS\TEMP
SIDEFIND EXE 10.752 03-12-05 15:50 sidefind.exe
LT8PCSWG EXE 1.996.800 03-12-05 15:50 lt8PCSWg.exe
CFIN 66 03-12-05 15:49 cfin
CFOUT TXT 45 03-12-05 15:49 cfout.txt
OPTIMIZE EXE 52.104 03-12-05 15:49 optimize.exe
IDE21201 VXD 4.720 03-12-05 15:49 ide21201.vxd
IINSTALL EXE 27.136 03-12-05 15:48 iinstall.exe
----------------------------
qtdfmp
addod32.dll
adsldpbe.dll
audsbhub.sys
chkping.exe
crhj.exe
csvgj.exe.ren
dxvid.exe
glmkey01.exe
iinstall.exe
ipwf.exe
istactivex.dll
C:\Programme\ISTbar\cmctl.dll
ISTsvc/istsvc.exe
maxdd.game
mlcoa.dll
mmsmsnap.exe
mqfbib.exe
mswh.exe
C:\WINDOWS\nem220.dll
ntjk32.exe
n_qgofab.txt
optimize.exe
shldanim.exe
Power Scan/
Power Scan/powerscan.exe
Power Scan/uninstall.exe
C:\Programme\SideFind
C:\Programme\SideFind\sidefind.dll
C:\Programme\SideFind\sfbho.dll
C:\Programme\SideFind\update
C:\Programme\SideFind\update\sidefind.exe
sidefind.exe
st3.dll
subltrep.dll
SurfAccuracy
SurfAccuracy/SAcc.exe
SurfAccuracy/SAccU.exe
syshelp.exe
WinGenerics.dll
YourSiteBar/
YourSiteBar/ysb.dll
ysbactivex.dll
---------------------------------------------
spysweeper
counterspy
C:\Dokumente und Einstellungen\User\Internet Optimizer + C:\WINDOWS\nem220.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer
C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temp
(+)(FILE) ~DF6C63.tmp = 23:08 04.12.05 16384 bytes
(+)(FILE) cfin = 22:56 04.12.05 66 bytes
(+)(FILE) cfout.txt = 22:56 04.12.05 45 bytes
(+)(FILE) iinstall.exe = 22:56 04.12.05 27136 bytes
(+)(FILE) optimize.exe = 22:56 04.12.05 52104 bytes
(+)(FILE) Perflib_Perfdata_32c.dat = 23:11 04.12.05 16384 bytes
(+)(FILE) sidefind.exe = 22:56 04.12.05 10752 bytes
C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\Content.IE5\0LYJWPUF
(+)(FILE) 0006_regular[1].cab = 22:56 04.12.05 30386 bytes
(+)(FILE) 1[1] = 22:56 04.12.05 1644199 bytes
(+)(FILE) 1644745-58[1].gif = 22:57 04.12.05 11400 bytes
(+)(FILE) bottom[1].gif = 22:57 04.12.05 793 bytes
(+)(FILE) cm[1].htm = 22:57 04.12.05 2743 bytes
(+)(FILE) cmctl[1].dll = 22:57 04.12.05 34304 bytes
(+)(FILE) cracks4u[1] = 22:57 04.12.05 7846 bytes
(+)(FILE) cracks4u[1].html = 22:56 04.12.05 3912 bytes
(+)(FILE) dns-info[1].gif = 22:52 04.12.05 889 bytes
(+)(FILE) en-us_CSS_Classic[1].css = 22:52 04.12.05 8637 bytes
(+)(FILE) flash[1].swf = 22:53 04.12.05 50746 bytes
(+)(FILE) imagemap_normal[1].bmp = 22:57 04.12.05 31542 bytes
(+)(FILE) left[1].gif = 22:57 04.12.05 801 bytes
(+)(FILE) log_downloads[1].htm = 22:56 04.12.05 56 bytes
(+)(FILE) optimize[1].exe = 22:56 04.12.05 52104 bytes
(+)(FILE) right_bg[1].gif = 22:57 04.12.05 101 bytes
(+)(FILE) search[2] = 22:55 04.12.05 18430 bytes
(+)(FILE) search[3] = 22:55 04.12.05 6039 bytes
(+)(FILE) sidefind[1].exe = 22:56 04.12.05 10752 bytes
(+)(FILE) toolbar70-d[1].js = 22:57 04.12.05 15893 bytes
(+)(FILE) v70match[1].htm = 23:07 04.12.05 196 bytes
(+)(FILE) ysb_prompt[1].htm = 22:57 04.12.05 8811 bytes
(+)(FILE) WinGenerics.dll = 23:00 04.12.05 589824 bytes
(+)(FILE) terdntld.exe = 23:00 04.12.05 167936 bytes
(+)(FILE) srsxprxy.exe = 23:00 04.12.05 933888 bytes
(+)(FILE) data.bin = 23:00 04.12.05 117703 bytes
(+)(FILE) AI_04-12-2005.log = 23:00 04.12.05 3 bytes
(+)(FILE) ace.dll = 23:00 04.12.05 581632 bytes
C:\Programme\Outws nt\Cache
(+)(FILE) index = 23:07 04.12.05 526 bytes
(+)(FILE) dns = 23:07 04.12.05 438 bytes
(+)(FILE) 00006784_43936887_0005cd84 = 23:07 04.12.05 210 bytes
(+)(FILE) 00004ae1_4393688a_00073e76 = 23:07 04.12.05 525 bytes
(+)(FILE) 000018be_43936794_000b9e50 = 23:03 04.12.05 2180 bytes
(+)(FILE) 00000029_4393678f_00031aa8 = 23:07 04.12.05 3824 bytes
C:\Programme\Power Scan
(+)(FILE) uninstall.exe = 22:57 04.12.05 5120 bytes
(+)(FILE) powerscan.exe = 22:57 04.12.05 71680 bytes
C:\Programme\SideFind
(+)(FILE) sidefind.dll = 22:56 04.12.05 89600 bytes
(+)(FILE) sfexd001 = 22:56 04.12.05 75110 bytes
(+)(FILE) sfbho.dll = 22:56 04.12.05 96256 bytes
C:\Programme\SideFind\update
(+)(REG KEY) HKEY_LOCAL_MACHINE\SOFTWARE\SideFind
(+)(REG VAL) PathEXE = 'C:\Programme\Sidefind\update\sidefind.exe'
(+)(REG VAL) PathXML = 'C:\Programme\SideFind\sfexd001'
(+)(REG VAL) PathDLL = 'C:\Programme\SideFind\sidefind.dll'
(+)(REG VAL) PathBHO = 'C:\Programme\SideFind\sfbho.dll'
(+)(REG KEY) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SideFind
(+)(FILE) sidefind.exe = 22:56 04.12.05 10752 bytes
C:\Programme\SideFind\sfbho.dll
C:\Programme\SideFind\sidefind.dll
C:\Programme\SurfAccuracy
(+)(REG KEY) HKEY_LOCAL_MACHINE\SOFTWARE\SAcc
(+)(FILE) SAccU.exe = 22:56 04.12.05 12288 bytes
(+)(FILE) SAcc.exe = 22:56 04.12.05 107008 bytes
(+)(FILE) SAcc.cfg = 22:56 04.12.05 27234 bytes
(+)(FILE) License.lnk = 22:56 04.12.05 206 bytes
C:\WINDOWS
(+)(FILE) 0.log = 23:01 04.12.05 0 bytes
(+)(FILE) eyped.exe = 22:56 04.12.05 10240 bytes
(+)(FILE) nem220.dll = 22:56 04.12.05 36608 bytes
(+)(FILE) ntbtlog.txt = 23:10 04.12.05 101016 bytes
(+)(FILE) p5J0a = 23:08 04.12.05 24 bytes
C:\WINDOWS\Downloaded Program Files
(+)(FILE) istactivex.dll = 14:54 01.12.05 69632 bytes -->> C:\WINDOWS\Downloaded Program Files\istactivex.dll
(+)(FILE) ysbactivex.dll = 14:54 01.12.05 69632 bytes -->> C:\WINDOWS\Downloaded Program Files\ysbactivex.dll
C:\WINDOWS\Prefetch
(+)(FILE) 1[1].EXE-1E2047A0.pf = 23:00 04.12.05 10548 bytes
(+)(FILE) CXTPLS_LOADER.EXE-0FC9048D.pf = 22:57 04.12.05 22198 bytes
(+)(FILE) DPLKBDBR.EXE-14128D19.pf = 23:08 04.12.05 10584 bytes
(+)(FILE) EYPED.EXE-0B67B63B.pf = 22:56 04.12.05 12190 bytes
(+)(FILE) IINSTALL.EXE-39C2552A.pf = 22:56 04.12.05 23892 bytes
(+)(FILE) IMGTTRIB.EXE-32449023.pf = 22:59 04.12.05 9018 bytes
(+)(FILE) IMGTTRIB.EXE-32A4CE7A.pf = 22:59 04.12.05 11258 bytes
(+)(FILE) INSTALL_CT.EXE-2384E65C.pf = 23:00 04.12.05 17692 bytes
(+)(FILE) ISRISUPD.EXE-34DAE4BB.pf = 22:57 04.12.05 13958 bytes
(+)(FILE) STSVC.EXE-0FDA9E97.pf = 22:56 04.12.05 18330 bytes
(+)(FILE) IYUMEBUF.EXE-09AD0FBB.pf = 22:57 04.12.05 24264 bytes
(+)(FILE) OPTIMIZE.EXE-0F50B042.pf = 22:56 04.12.05 20994 bytes
(+)(FILE) OPTIMIZE.EXE-149874EA.pf = 22:56 04.12.05 22950 bytes
(+)(FILE) RUNDLL32.EXE-2E0FDD21.pf = 23:02 04.12.05 32608 bytes
(+)(FILE) SACC.EXE-1EB949A3.pf = 22:56 04.12.05 22674 bytes
(+)(FILE) SIDEFIND.EXE-1ADD78C7.pf = 22:56 04.12.05 19018 bytes
(+)(FILE) SRSXPRXY.EXE-260D8599.pf = 23:08 04.12.05 15688 bytes
(+)(FILE) TASKMGR.EXE-20256C55.pf = 23:07 04.12.05 14580 bytes
(+)(FILE) TJEK2.COM-0618064B.pf = 23:08 04.12.05 25712 bytes
(+)(FILE) WPAXCQUU.EXE-2DEC6308.pf = 22:57 04.12.05 10314 bytes
C:\WINDOWS\system32
(+)(FILE) dplkbdbr.exe = 23:00 04.12.05 499712 bytes
(+)(FILE) isrfrgui.dll = 23:00 04.12.05 45056 bytes
C:\WINDOWS\system32\drivers
(+)(FILE) dxamspqm.sys = 23:00 04.12.05 12288 bytes