Hilfe bei escan

Diddi1000 · 11.09.2005, 12:00

Hallo,
benötige Hilfe bei escan log. Spybot und Adaware haben nichts gefunden, aber der Rechner geht häufig ohne Ankündigung aus.
Hier escan-log, habe nur freeware, kann damit nichts beheben:

System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
System found infected with altnetbde Spyware/Adware (adm25.dll)! Action taken: No Action Taken.
System found infected with Cydoor.TOPicks.a Spyware/Adware (adm4.dll)! Action taken: No Action Taken.
System found infected with Cydoor.TOPicks.a Spyware/Adware (admdata.dll)! Action taken: No Action Taken
System found infected with Cydoor.TOPicks.a Spyware/Adware (admdloader.dll)! Action taken: No Action Taken.
System found infected with Cydoor.TOPicks.a Spyware/Adware (admfdi.dll)! Action taken: No Action Taken.
System found infected with Cydoor.TOPicks.a Spyware/Adware (admprog.dll)! Action taken: No Action Taken.
System found infected with WhenU.SaveNow Spyware/Adware (setup_wm.exe)! Action taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\msxml3a.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\INT13EXT.VXD". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\System32\cmmgr32.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\NikonView.exe" refers to invalid object "C:\Programme\Nikon\NkView6\NikonView.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Ontrack\EasyRecovery Professional Trial\". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".asd". Action Taken: No Action Taken.

Sun Sep 11 12:42:02 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".bckp". Action Taken: No Action Taken.

Sun Sep 11 12:42:02 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".IFO". Action Taken: No Action Taken.

Sun Sep 11 12:42:02 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".image". Action Taken: No Action Taken.

Sun Sep 11 12:42:02 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".rar". Action Taken: No Action Taken.

Sun Sep 11 12:42:02 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "INSTAFINK". Action Taken: No Action Taken.

Sun Sep 11 12:42:05 2005 => Entry "HKCR\CLSID\{83D4679F-B6D7-11D2-BF36-00C04FB90A03}" refers to invalid object "C:\PROGRA~1\MESSEN~1\rtcimsp.dll". Action Taken: No Action Taken.

Sun Sep 11 12:42:06 2005 => Entry "HKCR\CLSID\{B15886CD-E8F8-11D5-B898-000374890932}" refers to invalid object "C:\Postme\PLUGINS\pgpgnupg.exe". Action Taken: No Action Taken.

Sun Sep 11 12:42:08 2005 => Entry "HKCR\TypeLib\{074D261D-AC90-4405-8CF4-E0D25EC8165B}" refers to invalid object "C:\DOKUME~1\Seel\LOKALE~1\Temp\VBE\MSForms.exd". Action Taken: No Action Taken.

Sun Sep 11 12:42:08 2005 => Entry "HKCR\TypeLib\{50FEAEFE-148A-47D9-A406-8AC51B70D586}" refers to invalid object "C:\DOKUME~1\Seel\LOKALE~1\Temp\VBE\RefEdit.exd". Action Taken: No Action Taken.

Sun Sep 11 12:42:09 2005 => Entry "HKCR\TypeLib\{B15886C0-E8F8-11D5-B898-000374890932}" refers to invalid object "C:\Postme\PLUGINS\pgpgnupg.exe". Action Taken: No Action Taken.

Sun Sep 11 12:42:09 2005 => Entry "HKCR\TypeLib\{DCB43485-19FB-4D6D-BB3D-73C7F48D5F00}" refers to invalid object "C:\Programme\Messenger\rtcimsp.dll". Action Taken: No Action Taken.

Sun Sep 11 12:42:09 2005 => Entry "HKCR\.sll" refers to invalid object "SSLFile". Action Taken: No Action Taken.

Sun Sep 11 12:42:10 2005 => Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken.

Sun Sep 11 12:42:10 2005 => Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken.

Sun Sep 11 12:42:10 2005 => Entry "HKCR\Connection Manager Profile\shell\open\command" refers to invalid object "C:\WINDOWS\System32\CMMGR32.EXE "%1"". Action Taken: No Action Taken.

Sun Sep 11 12:42:11 2005 => Entry "HKCR\ed2k\shell\open\command" refers to invalid object ""C:\Programme\eMule\eMule.exe" "%1"". Action Taken: No Action Taken.

Sun Sep 11 12:42:12 2005 => Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.

Sun Sep 11 12:42:12 2005 => Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.

Sun Sep 11 12:42:12 2005 => Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.

Sun Sep 11 12:42:12 2005 => Entry "HKCR\msbackupfile\shell\open\command" refers to invalid object "%SystemRoot%\system32\ntbackup.exe". Action Taken: No Action Taken.

Sun Sep 11 12:42:12 2005 => Entry "HKCR\NeroCopyType\shell\open\command" refers to invalid object "C:\PROGRA~1\Ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.

Sun Sep 11 12:42:12 2005 => Entry "HKCR\NeroCueSheetType\shell\open\command" refers to invalid object "C:\PROGRA~1\Ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.

Sun Sep 11 12:42:12 2005 => Entry "HKCR\NeroErrorType\shell\open\command" refers to invalid object "C:\PROGRA~1\Ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.

Sun Sep 11 12:42:13 2005 => Entry "HKCR\NeroHDBackupType\shell\open\command" refers to invalid object "C:\PROGRA~1\Ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.

Sun Sep 11 12:42:13 2005 => Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.

Sun Sep 11 12:42:13 2005 => Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.

Sun Sep 11 12:42:13 2005 => Entry "HKCR\ppifile\shell\open\command" refers to invalid object "%SystemRoot%\System32\msppcnfg.exe /Config %1". Action Taken: No Action Taken.

Sun Sep 11 12:42:13 2005 => Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken.

Sun Sep 11 12:42:13 2005 => Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken.

Sun Sep 11 12:42:14 2005 => Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.

Sun Sep 11 12:42:14 2005 => Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.
Sun Sep 11 12:45:16 2005 => Datei C:\Dokumente und Einstellungen\Seel\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-92a91d4-2c7837ac.zip infiziert von "Exploit.Java.ByteVerify" Virus. Aktion vorgenommen: No Action Taken.

Hilfe bei escan

Plagegeister aller Art und deren Bekämpfung: Hilfe bei escan

Hilfe bei escan

Ähnliche Themen: Hilfe bei escan