Infected or not?

R

robert.vienna

New member
Hi,

when I recently updated my Java suddenly Spybot made a message like "DyFuCa Internet Optimizer encountered" (see below).

The log says:

30.03.2010 23:08:26 Erlaubt (Permitted) (based on user decision) value "{E7E6F031-17CE-4C07-BC86-EABFE594F69C}" (new data: "") gelöscht (extinguished) in Browser Helper Object!
30.03.2010 23:09:20 Erlaubt (based on user decision) value "{8AD9C840-044E-11D1-B3E9-00805F499D93}" (new data: "") gelöscht in ActiveX Distribution Unit!
30.03.2010 23:09:20 Erlaubt (based on user decision) value "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}" (new data: "") gelöscht in ActiveX Distribution Unit!
30.03.2010 23:09:20 Erlaubt (based on user decision) value "{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" (new data: "") gelöscht in ActiveX Distribution Unit!
30.03.2010 23:09:21 Erlaubt (based on user decision) value "{8AD9C840-044E-11D1-B3E9-00805F499D93}" (new data: "") hinzugefügt (added) in ActiveX Distribution Unit!
30.03.2010 23:09:21 Erlaubt (based on user decision) value "{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}" (new data: "") hinzugefügt in ActiveX Distribution Unit!
30.03.2010 23:09:21 Erlaubt (based on user decision) value "{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" (new data: "") hinzugefügt in ActiveX Distribution Unit!
30.03.2010 23:09:35 Erlaubt (based on user decision) value "{E7E6F031-17CE-4C07-BC86-EABFE594F69C}" (new data: "") hinzugefügt in Browser Helper Object!
30.03.2010 23:09:56 Erlaubt (based on user decision) value "SunJavaUpdateSched" (new data: ""C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"") geändert in System Startup global entry!
30.03.2010 23:09:56 Encountered and terminated DyFuCA.InternetOptimizer in C:\Programme\Java\jre6\bin\jqs.exe!
31.03.2010 23:21:01 Erlaubt (based on user decision) value "NoDriveTypeAutoRun" (new data: "hex:91,00,00,") geändert in System Startup user entry!


Do I have to worry or did Spybot save me?

A system scan with spybot and AntiVir did not show anything suspicious.

regards

Robert
 
Hi robert.vienna

Click here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Doubleclick on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
 
You must log in or register to reply here.
Back
Top