Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bitte um Auswertung.... BDS/Agent.AY

Bitte um Auswertung.... BDS/Agent.AY


Log-Analyse und Auswertung: Bitte um Auswertung.... BDS/Agent.AY

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 22.07.2005, 13:54   #1
Boersianer
 
Bitte um Auswertung.... BDS/Agent.AY - Standard

Bitte um Auswertung.... BDS/Agent.AY


Logfile of HijackThis v1.99.1
Scan saved at 14:35:59, on 22.07.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Borland\Interbase\Bin\IBGuard.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\Programme\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TOBITA~1\TAVFDSrv.EXE
C:\Programme\Borland\Interbase\Bin\IBServer.exe
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programme\Analog Devices\SoundMAX\Smax4.exe
C:\Programme\Intel\Intel(R) Active Monitor\imontray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\Tobit AntiVirus For Desktops\TAVfD.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Program Files\Altnet\Points Manager\Points Manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\Programme\Gemeinsame Dateien\Sonic Shared\cinetray.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\TEAM-LOG2\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Programme\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Tobit AntiVirus for Desktops] C:\Programme\Tobit AntiVirus For Desktops\TAVfD.exe -HIDE
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Startup: Sonic CinePlayer Quick Launch.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZCxdm538YYDE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...p1.0.0.8-2.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BC26CD9-6A96-4398-999B-306B21D8FB36}: NameServer = 192.168.0.99
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Programme\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Interbase Guardian (InterbaseGuardian) - FirebirdSQL Project - C:\Programme\Borland\Interbase\Bin\IBGuard.EXE
O23 - Service: Interbase Sever (InterbaseServer) - FirebirdSQL Project - C:\Programme\Borland\Interbase\Bin\IBServer.exe
O23 - Service: McShield (Mcshield) - Unknown owner - C:\Programme\Gemeinsame Dateien\McAfee\McShield\Mcshield.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Tobit AntiVirus for Desktops Service (TAVFDService) - Tobit Software - C:\PROGRA~1\TOBITA~1\TAVFDSrv.EXE

Danke schön im voraus!!!!!!!!!!!!!!!

Alt 22.07.2005, 14:54   #2
felix1
/// Helfer-Team
 
Bitte um Auswertung.... BDS/Agent.AY - Standard

Bitte um Auswertung.... BDS/Agent.AY


Um zu wissen, welche Dateien infiziert sind, mache genau nach Anleitung:
http://www.trojaner-board.de/showthread.php?t=17492

Sowas kann schnell mal beim Herumeseln passieren.
__________________
Alt 23.07.2005, 12:28   #3
Boersianer
 
Bitte um Auswertung.... BDS/Agent.AY - Standard

Bitte um Auswertung.... BDS/Agent.AY


So hab e-Scan mal drüber laufen lassen, hier die Funde mit infect:

Fri Jul 22 16:15:08 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)!
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({9bbcf06c-dcd7-495d-80df-cdd5399d0ff8})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (adm4.adm4)! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (adm25.adm25)! Action taken: No Action Taken.
2005 => System found infected with funweb Spyware/Adware ({CFF4CE82-3AA2-451F-9B77-7165605FB835})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({B813095C-81C0-4E40-AA14-67520372B987})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({147A976F-EEE1-4377-8EA7-4716E4CDD239})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({0F8ECF4F-3646-4C3A-8881-8E138FFCAF70})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({00A6FAF6-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:15:13 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken.
Fri Jul 22 16:15:13 2005 => System found infected with gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
Fri Jul 22 16:15:13 2005 => System found infected with ibis Spyware/Adware ({1d4db7d2-6ec9-47a3-bd87-1e41684e07bb})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({0494D0D1-F8E0-41ad-92A3-14154ECE70AC})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({3646C2BD-3554-49CA-8125-44DEEFB881DE})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({3f4d4f88-0198-4921-b630-957f3eb814e0})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware (MyWebSearch Email Plugin.lnk)! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware (f3initialsetup1.0.0.8-2.inf)! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({ADB01E81-3C79-4272-A0F1-7B2BE7A782DC})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({9FF05104-B030-46FC-94B8-81276E4E27DF})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({938AA51A-996C-4884-98CE-80DD16A5C9DA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({7473D292-B7BB-4f24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({F42228FB-E84E-479E-B922-FBBD096E792C})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({7473D290-B7BB-4F24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({29D67D3C-509A-4544-903F-C8C1B8236554})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA1-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAA-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAC-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2B-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2D-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({00A6FAF1-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA0-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({8E6F1830-9607-4440-8530-13BE7C4B1D14})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({E47CAEE0-DEEA-464A-9326-3F2801535A4D})! Action taken: No Action Taken.
Fri Jul 22 16:15:17 2005 => System found infected with webp2p Spyware/Adware ({1D6711C8-7154-40BB-8380-3DEA45B69CBF})! Action taken: No Action Taken.
Fri Jul 22 16:19:58 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Fri Jul 22 16:34:08 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware ({9bbcf06c-dcd7-495d-80df-cdd5399d0ff8})! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware ({ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb})! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware (adm4.adm4)! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware (adm25.adm25)! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({CFF4CE82-3AA2-451F-9B77-7165605FB835})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({B813095C-81C0-4E40-AA14-67520372B987})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({147A976F-EEE1-4377-8EA7-4716E4CDD239})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({0F8ECF4F-3646-4C3A-8881-8E138FFCAF70})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({00A6FAF6-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:34:32 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken.
Fri Jul 22 16:34:33 2005 => System found infected with gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
Fri Jul 22 16:34:36 2005 => System found infected with ibis Spyware/Adware ({1d4db7d2-6ec9-47a3-bd87-1e41684e07bb})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({0494D0D1-F8E0-41ad-92A3-14154ECE70AC})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({3646C2BD-3554-49CA-8125-44DEEFB881DE})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({3f4d4f88-0198-4921-b630-957f3eb814e0})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware (MyWebSearch Email Plugin.lnk)! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware (f3initialsetup1.0.0.8-2.inf)! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({ADB01E81-3C79-4272-A0F1-7B2BE7A782DC})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({9FF05104-B030-46FC-94B8-81276E4E27DF})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({938AA51A-996C-4884-98CE-80DD16A5C9DA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({7473D292-B7BB-4f24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({F42228FB-E84E-479E-B922-FBBD096E792C})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({7473D290-B7BB-4F24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({29D67D3C-509A-4544-903F-C8C1B8236554})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA1-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAA-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAC-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2B-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2D-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({00A6FAF1-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA0-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({8E6F1830-9607-4440-8530-13BE7C4B1D14})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({E47CAEE0-DEEA-464A-9326-3F2801535A4D})! Action taken: No Action Taken.
Fri Jul 22 16:34:58 2005 => System found infected with webp2p Spyware/Adware ({1D6711C8-7154-40BB-8380-3DEA45B69CBF})! Action taken: No Action Taken.
Fri Jul 22 16:48:43 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*

Fri Jul 22 17:42:02 2005 => ***** Scanning complete. *****

Fri Jul 22 17:42:02 2005 => Total Objects Scanned: 40793
Fri Jul 22 17:42:02 2005 => Total Virus(es) Found: 94
Fri Jul 22 17:42:02 2005 => Total Disinfected Files: 0
Fri Jul 22 17:42:02 2005 => Total Files Renamed: 0
Fri Jul 22 17:42:02 2005 => Total Deleted Objects: 0
Fri Jul 22 17:42:02 2005 => Total Errors: 54
Fri Jul 22 17:42:02 2005 => Time Elapsed: 01:09:01
Fri Jul 22 17:42:02 2005 => Virus Database Date: 2005/07/22
Fri Jul 22 17:42:02 2005 => Virus Database Count: 139351

Fri Jul 22 17:42:02 2005 => Scan Completed.
__________________
Alt 23.07.2005, 17:27   #4
felix1
/// Helfer-Team
 
Bitte um Auswertung.... BDS/Agent.AY - Standard

Bitte um Auswertung.... BDS/Agent.AY


Lade und update Ad-aware und lasse das Programm laufen.
http://www.lavasoft.de/support/download/
Update Spybot und lasse auch das durchlaufen.
Anschließend nochmal einen escan und hier posten.

Bezüglich dieser Sachen würde ich mir schon Gedanken machen:
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\Kazaa.exe /SYSTRAY
Aber wers braucht?

Alt 25.07.2005, 12:49   #5
Boersianer
 
Bitte um Auswertung.... BDS/Agent.AY - Standard

Bitte um Auswertung.... BDS/Agent.AY


Auf ein Neues, jetzt sind es schon mal nicht ganz so viele!!!


Mon Jul 25 11:18:31 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Mon Jul 25 11:18:31 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Mon Jul 25 11:18:31 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Mon Jul 25 11:19:20 2005 => System found infected with webp2p Spyware/Adware ({1D6711C8-7154-40BB-8380-3DEA45B69CBF})! Action taken: No Action Taken.
Mon Jul 25 11:27:48 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*

Mon Jul 25 11:51:46 2005 => File C:\WINDOWS\system32\f3PSSavr.scr tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch". Action Taken: No Action Taken.
Mon Jul 25 11:30:32 2005 => File C:\Programme\Kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Altnet.d". Action Taken: No Action Taken.



Mon Jul 25 11:55:14 2005 => ***** Scanning complete. *****

Mon Jul 25 11:55:14 2005 => Total Objects Scanned: 40793
Mon Jul 25 11:55:14 2005 => Total Virus(es) Found: 9
Mon Jul 25 11:55:14 2005 => Total Disinfected Files: 0
Mon Jul 25 11:55:14 2005 => Total Files Renamed: 0
Mon Jul 25 11:55:14 2005 => Total Deleted Objects: 0
Mon Jul 25 11:55:14 2005 => Total Errors: 191
Mon Jul 25 11:55:14 2005 => Time Elapsed: 00:44:16
Mon Jul 25 11:55:14 2005 => Virus Database Date: 2005/07/22
Mon Jul 25 11:55:14 2005 => Virus Database Count: 139351

Mon Jul 25 11:55:14 2005 => Scan Completed.

Mon Jul 25 13:44:11 2005 => Virus Database Date: 2005/07/22
Mon Jul 25 13:44:11 2005 => Virus Database Count: 139351
Mon Jul 25 13:44:14 2005 => AV Library Unloaded (3)...


Alt 25.07.2005, 13:58   #6
felix1
/// Helfer-Team
 
Bitte um Auswertung.... BDS/Agent.AY - Standard

Bitte um Auswertung.... BDS/Agent.AY


Lese das durch und führe aus:
http://www.trojaner-board.de/showthread.php?t=16382

Antwort

Themen zu Bitte um Auswertung.... BDS/Agent.AY
adobe, antivirus, bho, dateien, dll, document, einstellungen, email, excel, explorer, hijack, hijackthis, internet, internet explorer, logfile, messenger, microsoft, monitor, nvidia, programme, rundll, software, system, system32, urlsearchhook, windows, windows messenger, windows xp


« 2 Fragen zum Neuaufsetzen des Systems | Alles neu und immer noch... »


Ähnliche Themen: Bitte um Auswertung.... BDS/Agent.AY


  1. Trojan.Agent.CK -Auswertung erbeten
    Log-Analyse und Auswertung - 19.08.2012 (10)
  2. TR/DLdr.Agent.cgzd - Bitte um Hijack.this Auswertung
    Plagegeister aller Art und deren Bekämpfung - 05.04.2010 (9)
  3. Bitte um Auswertung
    Log-Analyse und Auswertung - 11.09.2008 (1)
  4. Bitte um HJT-Log This auswertung
    Mülltonne - 22.07.2008 (0)
  5. Bitte um Auswertung von HJT Log
    Log-Analyse und Auswertung - 23.02.2008 (9)
  6. Bitte um Auswertung
    Log-Analyse und Auswertung - 07.11.2007 (2)
  7. Bitte um Auswertung
    Log-Analyse und Auswertung - 07.11.2007 (6)
  8. Auswertung bitte
    Mülltonne - 06.11.2007 (0)
  9. Bitte um Auswertung ._.
    Log-Analyse und Auswertung - 12.07.2007 (1)
  10. bitte um auswertung
    Log-Analyse und Auswertung - 11.04.2007 (6)
  11. bitte um auswertung
    Log-Analyse und Auswertung - 01.03.2007 (1)
  12. Bitte um auswertung
    Log-Analyse und Auswertung - 29.07.2006 (4)
  13. Bitte um Auswertung
    Mülltonne - 28.07.2006 (1)
  14. Bitte um Auswertung!
    Log-Analyse und Auswertung - 14.10.2005 (2)
  15. TR/Agent.KT // bitte HJT-Log auswertung
    Log-Analyse und Auswertung - 20.02.2005 (0)
  16. Bitte um Auswertung
    Log-Analyse und Auswertung - 19.01.2005 (3)
  17. Bitte !! Hilfe bei der Log Auswertung !! Bitte
    Log-Analyse und Auswertung - 18.12.2004 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bitte um Auswertung.... BDS/Agent.AY - Logfile of HijackThis v1.99.1 Scan saved at 14:35:59, on 22.07.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe - Bitte um Auswertung.... BDS/Agent.AY...
Archiv
Du betrachtest: Bitte um Auswertung.... BDS/Agent.AY auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55