Adware
Adware.CnsMin
Adware.CnsMin, cns.dat, CnsMin.dll, CnsMinIO.dll, cnsio.dll, CnsHook.dll

HijackThis
R3 - URLSearchHook: (no name) - _{D157330A-9EF3-49F8-9A67-4141AC41ADD4} - (no file)
O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\DOWNLO~1\CnsHook.dll
O2 - BHO: Internet Explorer - {DF7F6ABE-95A0-4671-8006-447471BE3BF1} - C:\WINDOWS\system32\InetHlpd.
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O2 - BHO: EyeOnBrowser Class - {1272F701-349D-4DB3-BBCD-10CBDCD049FE} - C:\WINDOWS\Downlo~1\_IS_0518\_IS_WEBH.dll
O2 - BHO: VeryCD - {75FE2B5A-D3A4-4EFA-AC11-ADC9C9459688} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O3 - Toolbar: ???? - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll
O3 - Toolbar:VeryCD - {F869BB38-FFEF-4589-B986-610B7AD0ADA2} - C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [assistse] "C:\PROGRA~1\3721\assistse.exe"
O4 - HKLM\..\Run: [advapi32] RUNDLL32 C:\WINDOWS\Downlo~1\_IS_0518\_IS_ISC.DLL,isc
O4 - HKLM\..\Run: [YOKAssiant] Rundll32.exe C:\PROGRA~1\YOK.com\SUPERS~1\YOK_SuperSearch.dll,YOKAssiant
O8 - Extra context menu item: Quick Search (Yisou.com) - res://C:\WINDOWS\downlo~1\CnsMinEx.dll/1003
O8 - Extra context menu item: !??? - res://C:\WINDOWS\DOWNLO~1\CnsMinEx.dll/1003
O9 - Extra button: ???? - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm
O9 - Extra button: 3721 Assistant (HKLM)
O11 - Options group: [!CNS] ????
O11 - Options group: [!CNS] Chinese keywords
O11 - Options group: [!CNS] 3721Assistant - Addressbar Search

datfindbat
Verzeichnis von C:\WINDOWS\system32
2006-04-09 00:08 471,040 InetHlpd.dll
2006-01-07 17:09 459,776 F20DEK1.dll
2005-12-14 18:27 458,240 F20DEK.dll
2005-12-12 18:36 452,608 D625.dll
2005-12-11 16:02 0 hosts
2005-11-14 23:46 48,016 cns.dat

HKLM\SOFTWARE\3721 -> Adware.CnsMin
HKLM\SOFTWARE\3721\CnsMin
HKLM\SOFTWARE\Classes\AutoLive.Live
HKLM\SOFTWARE\Classes\AutoLive.Live\CLSID
HKLM\SOFTWARE\Classes\AutoLive.Live\CurVer
HKLM\SOFTWARE\Classes\AutoLive.Live.1
HKLM\SOFTWARE\Classes\CnsHelper.CH
HKLM\SOFTWARE\Classes\CnsHelper.CH\CLSID
HKLM\SOFTWARE\Classes\CnsHelper.CH\CurVer
HKLM\SOFTWARE\Classes\CnsHelper.CH.1
HKLM\SOFTWARE\3721
HKLM\SOFTWARE\3721\CnsMin -> Adware.CnsMin : Gesäubert mit Backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS\AutoUpdate
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS\Enable
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS\Hint
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS\List
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS\Reset
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\!CNS\ResetCatch
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CnsMin
HKU\S-1-5-21-854245398-920026266-2146909731-1004\Software\3721
HKU\S-1-5-21-854245398-920026266-2146909731-1004\Software\3721\CnsMin
HKU\S-1-5-21-854245398-920026266-2146909731-1004\Software\3721\CnsMin\Variant
HKU\S-1-5-21-854245398-920026266-2146909731-1004\Software\3721\CnsUrl
HKU\S-1-5-21-854245398-920026266-2146909731-1004\Software\3721\InputCns

Counterspy/Vipre
c:\WINDOWS\Downloaded Program Files\CnsMin.dll
c:\WINDOWS\Downloaded Program Files\CnsMinIO.dll
c:\WINDOWS\Downloaded Program Files\cnsio.dll
c:\WINDOWS\Downloaded Program Files\CnsHook.dll
c:\WINDOWS\Downloaded Program Files\keepmain.dll
c:\programme\3721\helper.dll
c:\programme\3721\alliveex.dll
c:\programme\3721\alrex.dll
c:\programme\3721\autolive.dll
c:\programme\3721\autolive.ini
c:\programme\3721\autolvsw.ini
c:\programme\3721\cns01.dat
c:\programme\3721\cns03.dat
c:\programme\3721\cnscfgf.dat
c:\programme\3721\cnscfgr.dat
c:\programme\3721\cnsmin.dat
c:\programme\3721\notifier.dll
c:\programme\3721\patch03.dll
c:\programme\3721\patch05.dll
c:\programme\3721\patch06.dll
c:\programme\3721\patch10.dll
c:\programme\3721\patch18.dll
c:\programme\3721\scrblock.dll
C:\PROGRA~1\3721\assistse.exe
c:\windows\system32\drivers\cnsminkp.sys
C:\WINDOWS\system32\cns.dll
C:\WINDOWS\system32\cns.exe
C:\WINDOWS\system32\cns.dat

C:\WINDOWS\backup\_IS_BSYS.DLL
C:\WINDOWS\Downloaded Program Files\_IS_0518

Start - Run - regedit
HKEY_CLASSES_ROOT\CLSID\{B83FC273-3522-4CC6-92EC-75CC86678DA4}
HKEY_CLASSES_ROOT\CLSID\{D157330A-9EF3-49F8-9A67-4141AC41ADD4}
HKEY_CLASSES_ROOT\CnsHelper.CH
HKEY_CLASSES_ROOT\CnsHelper.CH.1
HKEY_CLASSES_ROOT\CnsMinHK.CnsHook
HKEY_CLASSES_ROOT\CnsMinHK.CnsHook.1
HKEY_CURRENT_USER\Software\3721
HKEY_LOCAL_MACHINE\Software\3721
HKEY_LOCAL_MACHINE\Software\InterChina
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AdvancedOptions\!CNS
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{5D73EE86-05F1-49ed-B850-E423120EC338}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{FD00D911-7529-4084-9946-A29F1BDF4FE5}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CnsMin
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CnsMin

HijackThis
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\TENCENT\QQ\QQIEHelper.dll
O8 - Extra context menu item: ??QQ????? - D:\QQ\TT\NAF.htm
O8 - Extra context menu item: ???QQ????? - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: ???QQ?? - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: ?QQ??????? - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: ??QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE

Counter-Box.de