DailyToolbar

DailyToolbar

Adware:adware/dailytoolbar -> C:\WINDOWS\SYSTEM32\dailytoolbar.dll

weiter HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten

O3 - Toolbar: DailyToolbar - {8333C319-0669-4893-A418-F56D9249FCA6} - C:\WINDOWS\Downloaded Program Files\DailyToolbar.dll

O16 - DPF: IEToolbarCab - http://www.animetoolbar.com/DailyToolbar.CAB


weiter Start -> Ausführen --> regedit -> löschen

[-HKEY_CLASSES_ROOT\AppID\{951B3138-AE8E-4676-A05A-250A5F111631}]
[-HKEY_CLASSES_ROOT\AppID\DailyToolbar.DLL\AppID]
[-HKEY_CLASSES_ROOT\DailyToolbar.IEBand.1]
[-HKEY_CLASSES_ROOT\DailyToolbar.IEBand]
[-HKEY_CLASSES_ROOT\CLSID\{8333C319-0669-4893-A418-F56D9249FCA6}]
[-HKEY_CLASSES_ROOT\IEToolbar.AffiliateCtl]
[-HKEY_CLASSES_ROOT\IEToolbar.AffiliateCtl.1]
[-HKEY_CLASSES_ROOT\CLSID\{38E0F7DD-1468-4DBE-A3EA-BAAFA10D4964}]
[-HKEY_CLASSES_ROOT\DailyToolbar.SysMgr]
[-HKEY_CLASSES_ROOT\DailyToolbar.SysMgr.1]
[-HKEY_CLASSES_ROOT\CLSID\{58F9B276-E1CC-458e-8159-21CBC021874B}]
[-HKEY_CLASSES_ROOT\TypeLib\{951B3138-AE8E-4676-A05A-250A5F111631}]
[-HKEY_CLASSES_ROOT\Interface\{10195311-E434-47A9-ADBA-48839E3F7E4E}]
[-HKEY_CLASSES_ROOT\Interface\{B2C9DD5F-8267-46E4-B49A-5D4479A4171C}]
[-HKEY_CLASSES_ROOT\Interface\{ABAFA0B4-F78D-42E5-8C31-1A441D01C1DF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\NIX Solutions\DailyToolbar]
[-HKEY_CURRENT_USER\SOFTWARE\NIX Solutions\DailyToolbar]
[-HKEY_LOCAL_MACHINE\Software\DailyToolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DailyToolbar]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
"{8333C319-0669-4893-A418-F56D9249FCA6}" = "DailyToolbar"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
"Start Page" = "[http://]www.topsearchdog.com/[REMOVED]"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LesbianToolbar
"DisplayName" = "LesbianToolbar"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LesbianToolbar
"UninstallString" = "%Original file location)\dailytoolbar.dll", Uninstall

weiter Deinstallieren:
"Start -> Einstellungen -> Systemsteuerung -> Software" --> DailyToolbar

weiter löschen
C:\Windows\Downloaded Program Files\DailyToolbar.dll

C:\WINDOWS\SYSTEM32\dailytoolbar.dll

weiter echo.zip
entpacken--> klicke echo.bat --> der Texteditor wird sich öffnen

C:\WINDOWS\Downloaded Program Files
17.03.2004 15:55 229.376 DailyToolbar.dll

weiter Counterspy/Vipre

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEToolbar.AffiliateCtl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58F9B276-E1CC-458e-8159-21CBC021874B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DailyToolbar.IEBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{951B3138-AE8E-4676-A05A-250A5F111631}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\DailyToolbar.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\DailyToolbar.DLL DailyToolbar dailytoolbar.dll
HKEY_LOCAL_MACHINE\SOFTWARE\DailyToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DailyToolbar.SysMgr
HKEY_LOCAL_MACHINE\SOFTWARE\NIX Solutions\DailyToolbar
HKEY_CLASSES_ROOT\clsid\{58F9B276-E1CC-458e-8159-21CBC021874B}
HKEY_CLASSES_ROOT\IEToolbar.AffiliateCtl
HKEY_CLASSES_ROOT\DailyToolbar.IEBand

weiter Combofix

((((((((((((((((((((((((((((((( Files Created from 2006-09-03 to 2006-10-03 )))))))) 
2006-10-03 11:02 8,704 --a------ C:\WINDOWS\system32\qmxvobeh.exe
2006-10-03 11:02 40,448 --a------ C:\WINDOWS\system32\sumsw32.exe
2006-10-02 10:06 5,332 --a------ C:\WINDOWS\system32\foqffiqr.exe

2006-10-01 15:05 61,440 --------- C:\WINDOWS\ov530dib.dll
2006-10-01 15:05 40,960 --------- C:\WINDOWS\system32\ov530ext.dll
2006-10-01 15:05 25,177 --------- C:\WINDOWS\system32\drivers\ov530cmd.sys
2006-10-01 15:05 161,792 --------- C:\WINDOWS\system32\drivers\ov530vid.sys
2006-10-01 15:05 16,440 --------- C:\WINDOWS\system32\ov530usd.dll

2006-09-29 21:32 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2006-09-29 21:32 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2006-09-29 21:32 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2006-09-29 21:32 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2006-09-29 21:32 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2006-09-29 21:32 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2006-09-29 21:32 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2006-09-29 21:31 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll

2006-09-25 10:02 5,332 --a------ C:\WINDOWS\system32\dqxxhvyx.exe
2006-09-17 19:58 5,332 --a------ C:\WINDOWS\system32\qzzjkozy.exe
2006-09-10 00:13 8,266 --a------ C:\WINDOWS\system32\feizuyts.exe 

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))

2006-10-03 13:35 32768 --a------ C:\WINDOWS\system32\wstart.dll
2006-10-03 13:35 32768 --a------ C:\WINDOWS\system32\txfdb32.dll
2006-10-03 13:35 32768 --a------ C:\WINDOWS\system32\tcpservice2.exe
2006-10-03 13:35 32768 --a------ C:\WINDOWS\system32\runsrv32.exe
2006-10-03 13:35 32768 --a------ C:\WINDOWS\system32\bridge.dll
2006-10-03 13:35 32768 --a------ C:\WINDOWS\system32\alxres.dll
2006-10-03 13:35 32768 --a------ C:\WINDOWS\alxtb1.dll
2006-10-03 13:35 32768 --a------ C:\WINDOWS\alexaie.dll
2006-10-03 13:35 32512 --a------ C:\WINDOWS\system32\runsrv32.dll
2006-10-03 13:35 32512 --a------ C:\WINDOWS\system32\jao.dll
2006-10-03 13:35 32512 --a------ C:\WINDOWS\system32\dailytoolbar.dll
2006-10-03 13:35 32512 --a------ C:\WINDOWS\system32\a.exe
2006-10-03 13:35 32512 --a------ C:\WINDOWS\susp.exe
2006-10-03 13:35 32512 --a------ C:\WINDOWS\dlmax.dll
2006-10-03 13:35 32512 --a------ C:\WINDOWS\BTGrab.dll
2006-10-03 13:35 32512 --a------ C:\WINDOWS\alxie328.dll
2006-10-03 13:35 32256 --a------ C:\WINDOWS\ZServ.dll
2006-10-03 13:35 32256 --a------ C:\WINDOWS\Pynix.dll
2006-10-03 13:35 31744 --a------ C:\WINDOWS\system32\udpmod.dll
2006-10-03 13:35 31744 --a------ C:\WINDOWS\system32\questmod.dll 
2006-09-01 18:13 7482 --a------ C:\WINDOWS\system32\ywjehqju.exe 
2006-08-24 20:49 7466 --a------ C:\WINDOWS\system32\jibquemn.exe 
2006-07-27 22:05 7451 --a------ C:\WINDOWS\system32\msqhxmox.exe
2006-07-19 22:42 7712 --a------ C:\WINDOWS\system32\bziqjkad.exe
2006-07-11 17:44 8704 --a------ C:\WINDOWS\system32\xxghikui.exe
2006-07-11 17:44 7184 --a------ C:\WINDOWS\system32\lghhwizu.exe
2006-07-04 10:06 8704 --a------ C:\WINDOWS\system32\qvkpjjnw.exe
2006-07-04 10:06 7184 --a------ C:\WINDOWS\system32\ifqvtwjh.exe

weiter Datfindbat
Verzeichnis von C:\WINDOWS\system32 
03.10.2006 13:41 32.512 udpmod.dll
03.10.2006 13:41 32.768 questmod.dll
03.10.2006 13:41 32.512 jao.dll
03.10.2006 13:41 32.768 bridge.dll
03.10.2006 13:41 32.512 a.exe
03.10.2006 13:41 32.768 runsrv32.exe
03.10.2006 13:41 32.768 txfdb32.dll
03.10.2006 13:41 32.512 runsrv32.dll
03.10.2006 13:41 32.768 wstart.dll
03.10.2006 13:41 32.768 tcpservice2.exe
03.10.2006 13:41 32.512 dailytoolbar.dll
03.10.2006 13:41 32.768 alxres.dll
03.10.2006 11:04 12 oiso.bin
03.10.2006 11:04 154 lfd.dat
03.10.2006 11:02 40.448 sumsw32.exe
03.10.2006 11:02 8.704 qmxvobeh.exe
02.10.2006 10:06 5.332 foqffiqr.exe
25.09.2006 10:02 5.332 dqxxhvyx.exe
17.09.2006 19:58 5.332 qzzjkozy.exe
10.09.2006 00:13 8.266 feizuyts.exe
01.09.2006 18:13 7.482 ywjehqju.exe 
24.08.2006 20:49 7.466 jibquemn.exe 
19.07.2006 22:42 7.712 bziqjkad.exe 
11.07.2006 17:44 8.704 xxghikui.exe
11.07.2006 17:44 7.184 lghhwizu.exe
04.07.2006 10:06 8.704 qvkpjjnw.exe
04.07.2006 10:06 7.184 ifqvtwjh.exe 

Verzeichnis von C:\WINDOWS

03.10.2006 13:52 32.512 dlmax.dll
03.10.2006 13:52 32.512 Pynix.dll
03.10.2006 13:52 32.512 BTGrab.dll
03.10.2006 13:52 32.256 ZServ.dll
03.10.2006 13:52 32.512 susp.exe
03.10.2006 13:52 32.768 alxtb1.dll
03.10.2006 13:52 32.512 alxie328.dll
03.10.2006 13:52 32.768 alexaie.dll
03.10.2006 13:52 3.155 yod.htm

weiter AWG - Virenscanner

HKLM\SOFTWARE\Alexa Internet -> Adware.Alexa
HKLM\SOFTWARE\Classes\AlxTB.BHO -> Adware.Alexa
HKLM\SOFTWARE\Classes\PopMenu.Menu -> Adware.Alexa
HKLM\SOFTWARE\Classes\Popup.PopupKiller -> Adware.Alexa

HKLM\SOFTWARE\Classes\jao.jao -> Adware.BlazeFind

HKLM\SOFTWARE\Classes\AppID\DailyToolbar.DLL -> Adware.DailyToolbar
HKLM\SOFTWARE\Classes\DailyToolbar.IEBand -> Adware.DailyToolbar
HKLM\SOFTWARE\Classes\DailyToolbar.SysMgr -> Adware.DailyToolbar
HKLM\SOFTWARE\Classes\IEToolbar.AffiliateCtl -> Adware.DailyToolbar
HKLM\SOFTWARE\DailyToolbar -> Adware.DailyToolbar
HKLM\SOFTWARE\NIX Solutions -> Adware.DailyToolbar
HKLM\SOFTWARE\NIX Solutions\DailyToolbar -> Adware.DailyToolbar
HKLM\SOFTWARE\Classes\CLSID\{F1FABE79-25FC-46de-8C5A-2C6DB9D64333}

HKU\S-1-5-21-4166307882-4152392858-1037202297-1004\Software\Microsoft\Active Setup\Installed Components\ {Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666} -> Adware.Generic

C:\WINDOWS\system32\users32.exe -> Not-A-Virus.Hoax.Win32.Renos.dk
C:\WINDOWS\system32\adobepnl.dll -> Not-A-Virus.Hoax.Win32.Renos.dm





Counter-Box.de


virus-protect.org
startseite Valid HTML 4.01 Ranking-Hits antispam