Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Kann es einer anschauen...

Kann es einer anschauen...


Log-Analyse und Auswertung: Kann es einer anschauen...

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 01.10.2005, 06:27   #1
Greko
 
Kann es einer anschauen... - Standard

Kann es einer anschauen...


ich habe die vermutung, dass ich bei meiner Rechner Viren habe.. laut eScan waren 97 Dateien infiziert..

Hier erstmal mein HijackThis File...

Logfile of HijackThis v1.99.1
Scan saved at 07:27:20, on 01.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\mHotkey.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\program files\altnet\points manager\points manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\Programme\CA\eTrust Antivirus\InoRpc.exe
C:\Programme\CA\eTrust Antivirus\InoRT.exe
C:\Programme\CA\eTrust Antivirus\InoTask.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\PROGRA~1\CA\SHARED~1\SCANEN~1\InoDist.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ISW\alice\signup\connctas.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\ISW\alice\signup\Tray.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\Osman\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.alice-dsl.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.alice-dsl.de
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\kazaa.exe /SYSTRAY
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://h**p://ky.bar.need2find.com/K...arch.html?p=KY
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=h**p://www.msn.de/
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - h**p://software-dl.real.com/23ea10ffae3267990f05/netzip/RdxIE601_de.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093861551859
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F7A2EE1-611A-4BFF-A98B-A81055FF841F}: NameServer = 213.191.74.11 213.191.92.82
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


Und hier ist eScan Logfile: (infected)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Fri Sep 30 21:37:13 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({1d3bce37-7834-4579-8169-e67681420a98})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({1d6711c8-7154-40bb-8380-3dea45b69cbf})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with mybar Spyware/Adware ({3646c2bd-3554-49ca-8125-44deefb881de})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with mybar Spyware/Adware ({3f4d4f88-0198-4921-b630-957f3eb814e0})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with need2find bar Spyware/Adware ({4d1c4e81-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with netster Spyware/Adware ({56336bcb-3d8a-11d6-a00b-0050da18de71})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with altnetbde Spyware/Adware ({9bbcf06c-dcd7-495d-80df-cdd5399d0ff8})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({c15b7ea2-a360-43e8-a591-5faedc7c4e1d})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({c91e8926-d4be-4685-99f4-0d996b96bac0})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with p2p networking Spyware/Adware ({cc7a6223-3759-4075-8cea-971f5cfc0ed2})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({def37997-d9c9-4a4b-bf3c-88f99eaceec2})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with need2find bar Spyware/Adware ({4d1c4e81-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({1d6711c8-7154-40bb-8380-3dea45b69cbf})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with netster Spyware/Adware ({56336bcb-3d8a-11d6-a00b-0050da18de71})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({99a8e2b2-3405-4c0d-9110-131c14caaf62})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with p2p networking Spyware/Adware ({f720b40f-3a38-4b22-b30d-dcf095d42498})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({16097036-894c-4c00-a61f-93ca0d49a70e})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({1b540d44-3f61-4394-ae30-25fdc3649405})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({258a3625-183b-4477-aee2-ea54df6d878d})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({29e825aa-13bc-457c-806a-d72e4a25b3c5})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({2ed5af98-9258-45ba-b79b-06625c92f662})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({700dc0dd-f409-42e0-9de5-21ee1a2ba9fd})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({9d4548ce-92fd-4c6c-ae7f-3dbe3bc763d8})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with altnetbde Spyware/Adware ({ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with kazaa Spyware/Adware ({c91e8926-d4be-4685-99f4-0d996b96bac0})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({ce9b37ec-d243-47a2-83db-3a8350175193})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({d273d427-57c6-4b12-860f-bbb8195f6e2a})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({e79dadc6-18d0-4a2a-831f-d196d41f8438})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({fd42f6d3-7ab1-470c-979b-7996edc99099})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with kazaa Spyware/Adware ({99a8e2b2-3405-4c0d-9110-131c14caaf62})! Action taken: No Action Taken.
Fri Sep 30 21:38:22 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
Fri Sep 30 21:38:22 2005 => System found infected with p2p networking Spyware/Adware (webp2pinstaller.dll)! Action taken: No Action Taken.
Fri Sep 30 21:38:23 2005 => System found infected with cydoor Spyware/Adware (cd_clint.dll)! Action taken: No Action Taken.
Fri Sep 30 21:38:24 2005 => System found infected with p2p networking Spyware/Adware (p2p networking v126.cpl)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with cws.therealsearch Spyware/Adware (waol.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with cws.therealsearch Spyware/Adware (waol.exe)! Action taken: No Action Taken.
Fri Sep 30 22:23:53 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\curing_an_infected_file_after_a_scan.html
Fri Sep 30 22:23:53 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\deleting_an_infected_file_after_a_scan.html
Fri Sep 30 22:23:58 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\infected_files.html
Fri Sep 30 22:23:58 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\infected_files_02.html
Fri Sep 30 22:23:58 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\infected_object.html
Fri Sep 30 22:24:00 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\moving_an_infected_file_after_a_scan.html
Fri Sep 30 22:24:07 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\remove_infected_macros.html
Fri Sep 30 22:24:08 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\renaming_an_infected_file_after_a_scan.html
Fri Sep 30 22:24:10 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\send_infected_files_only.html
Fri Sep 30 22:24:15 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\viewing_details_about_an_infected_file.html
Fri Sep 30 23:54:48 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Fri Sep 30 21:36:39 2005 => File C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL tagged as "not-a-virus:AdWare.Win32.MySearch.e". Action Taken: No Action Taken.
Fri Sep 30 21:36:39 2005 => File C:\Programme\INSTAFINK\instafink.dll tagged as "not-a-virus:AdWare.Win32.404Search.h". Action Taken: No Action Taken.
Fri Sep 30 21:36:50 2005 => File c:\PROGRA~2\altnet\POINTS~1\POINTS~1.EXE tagged as "not-a-virus:AdWare.Win32.Altnet.h". Action Taken: No Action Taken.
Fri Sep 30 22:01:32 2005 => File C:\Dokumente und Einstellungen\Yusuf\Lokale Einstellungen\Temp\asmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.l". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\adm25.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\adm4.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\adm4005.exe tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\admdloader.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.3039". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\admfdi.dll tagged as "not-a-virus:AdWare.Win32.Altnet.j". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\admprog.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\altnetuninstall.exe tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken.
Fri Sep 30 22:15:31 2005 => File C:\Program Files\Altnet\Download Manager\asm.exe tagged as "not-a-virus:AdWare.Win32.Altnet.l". Action Taken: No Action Taken.
Fri Sep 30 22:15:31 2005 => File C:\Program Files\Altnet\Download Manager\asmps.dll tagged as "not-a-virus:AdWare.Win32.Altnet.b". Action Taken: No Action Taken.
Fri Sep 30 22:15:34 2005 => File C:\Program Files\Altnet\Points Manager\sysdetect.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.1007". Action Taken: No Action Taken.
Fri Sep 30 22:42:19 2005 => File C:\Programme\INSTAFINK\InstaFinderK_inst.exe tagged as "not-a-virus:AdWare.Win32.404Search.h". Action Taken: No Action Taken.
Fri Sep 30 22:42:43 2005 => File C:\Programme\Kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Win32.Altnet.d". Action Taken: No Action Taken.
Fri Sep 30 23:09:19 2005 => File C:\Programme\Need2Find\bar\1.bin\N2PLUGIN.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.l". Action Taken: No Action Taken.
Fri Sep 30 23:09:19 2005 => File C:\Programme\Need2Find\bar\1.bin\NPND2FN.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.o". Action Taken: No Action Taken.
Fri Sep 30 23:32:26 2005 => File C:\WINDOWS\system32\cd_clint.dll tagged as "not-a-virus:AdWare.Win32.Cydoor". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Adware\InstaFinderK_inst.exe tagged as "not-a-virus:AdWare.Win32.404Search.h". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Altnet\adm25.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Altnet\adm4.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\admdloader.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.3039". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\admfdi.dll tagged as "not-a-virus:AdWare.Win32.Altnet.j". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\admprog.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\dmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\mysearch.cab tagged as "not-a-virus:AdWare.Win32.MyWebSearch.o". Action Taken: No Action Taken.
Fri Sep 30 23:42:07 2005 => File C:\WINDOWS\Temp\Altnet\pmexe.cab tagged as "not-a-virus:AdWare.Win32.Altnet.h". Action Taken: No Action Taken.
Fri Sep 30 23:42:07 2005 => File C:\WINDOWS\Temp\Altnet\pmfiles.cab tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.1007". Action Taken: No Action Taken.
Fri Sep 30 23:42:07 2005 => File C:\WINDOWS\Temp\Altnet\Setup.exe tagged as "not-a-virus:AdWare.Win32.Altnet.b". Action Taken: No Action Taken.
Fri Sep 30 23:42:42 2005 => File D:\Remote\TWD.zip tagged as not-a-virus:RemoteAdmin.Win32.RA.51122. No Action Taken.
Fri Sep 30 23:42:42 2005 => File D:\Remote\_FUNZT_TWD Remote Anything 5.11.2\install\Master.exe tagged as not-a-virus:RemoteAdmin.Win32.RA.51122. No Action Taken.
Fri Sep 30 23:42:42 2005 => File D:\Remote\_FUNZT_TWD Remote Anything 5.11.2\install\player.exe tagged as not-a-virus:RemoteAdmin.Win32.RA.2929. No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\instafink !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\p2p networking !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\magnet\handlers\kazaa !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\altnet !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\cydoor !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\gator.com !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\kazaa !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\p2p networking !!!
Fri Sep 30 21:38:21 2005 => Offending Folder found: C:\WINDOWS\cache329
Fri Sep 30 21:38:22 2005 => Offending file found: C:\WINDOWS\smdat32a.sys
Fri Sep 30 21:38:22 2005 => Offending file found: C:\WINDOWS\DOWNLO~1\webp2pinstaller.dll
Fri Sep 30 21:38:22 2005 => Offending Folder found: C:\WINDOWS\TEMP\adware
Fri Sep 30 21:38:22 2005 => Offending Folder found: C:\WINDOWS\TEMP\altnet
Fri Sep 30 21:38:23 2005 => Offending Folder found: C:\WINDOWS\system32\adcache
Fri Sep 30 21:38:23 2005 => Offending file found: C:\WINDOWS\system32\cd_clint.dll
Fri Sep 30 21:38:24 2005 => Offending Folder found: C:\WINDOWS\system32\p2p networking
Fri Sep 30 21:38:24 2005 => Offending file found: C:\WINDOWS\system32\p2p networking v126.cpl
Fri Sep 30 21:38:24 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\aol\c_aol 9.0\shopassist\apps\toolbar
Fri Sep 30 23:54:48 2005 => Total Virus(es) Found: 97
Fri Sep 30 23:54:48 2005 => Total Errors: 160
Fri Sep 30 23:54:48 2005 => Time Elapsed: 02:18:33
Fri Sep 30 23:54:48 2005 => Total Objects Scanned: 127402
Fri Sep 30 21:35:38 2005 => Virus Database Date: 2005/09/30
Fri Sep 30 21:35:49 2005 => Virus Database Date: 2005/09/30
Fri Sep 30 23:54:48 2005 => Virus Database Date: 2005/09/30
Sat Oct 01 07:15:34 2005 => Virus Database Date: 2005/09/30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~



Danke für die Hilfe...

Greko

Alt 01.10.2005, 08:43   #2
Rene-gad
 
Kann es einer anschauen... - Standard

Kann es einer anschauen...


@Greko
Erstmal deinstalliere Kazaa & Co, dann lasse AdAware und Spybot Search & Destroy laufen, dann wiederhole eScan.
__________________
Antwort

Themen zu Kann es einer anschauen...
1.exe, adobe, adware.win32.cydoor, antivirus, bho, c:\windows\temp, computer, desktop, dll, einstellungen, excel, explorer, hijack, hijackthis, home, infected, install.exe, internet, internet explorer, monitor, programme, rundll, software, system, temp, viren, windows, windows xp, windows\temp


« Bitte mal nachschauen | log-file hilfe bitte »


Ähnliche Themen: Kann es einer anschauen...


  1. Kann sich mal einer meinen logfile anschauen!!
    Log-Analyse und Auswertung - 14.03.2008 (5)
  2. Hi, Bin Neu Hier; Kann Sich Einer Meinen Log Anschauen?????
    Log-Analyse und Auswertung - 07.01.2008 (1)
  3. Hi, Bin Neu Hier; Kann Sich Einer Meinen Log Anschauen?????
    Log-Analyse und Auswertung - 17.12.2007 (0)
  4. kann mir das jemand anschauen?
    Log-Analyse und Auswertung - 24.08.2007 (1)
  5. Kann sich das jemand anschauen??
    Log-Analyse und Auswertung - 11.07.2007 (6)
  6. Kann sich das mal einer anschauen...DANKE im Vorraus!
    Mülltonne - 24.10.2006 (1)
  7. Kann sich das mal einer anschauen...DANKE im Vorraus!
    Mülltonne - 24.10.2006 (1)
  8. kann sich das einer mal anschauen?
    Mülltonne - 17.08.2006 (1)
  9. Wäre nett, wenn sich das mal einer anschauen könnte :D
    Log-Analyse und Auswertung - 11.04.2006 (2)
  10. könnte bitte mal einer meinen log anschauen?
    Log-Analyse und Auswertung - 20.12.2005 (3)
  11. Kann mal eine(r) sich das anschauen??
    Log-Analyse und Auswertung - 12.12.2005 (3)
  12. Kann mal einer meinen Log-File anschauen ?
    Log-Analyse und Auswertung - 19.11.2005 (2)
  13. Kann sich das einer schnell aml anschauen?
    Log-Analyse und Auswertung - 06.09.2005 (3)
  14. Trojaner! Kanns sich das mal einer anschauen(Hijackthis.log)? Danke
    Log-Analyse und Auswertung - 30.04.2005 (1)
  15. kann sich das mal jemand anschauen
    Log-Analyse und Auswertung - 07.03.2005 (2)
  16. kann einer bitte meine logs anschauen?
    Log-Analyse und Auswertung - 24.01.2005 (27)
  17. Hilfe...StartPage.IX...könnte sich einer mal mein Logfile anschauen?
    Log-Analyse und Auswertung - 03.07.2004 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Kann es einer anschauen... - ich habe die vermutung, dass ich bei meiner Rechner Viren habe.. laut eScan waren 97 Dateien infiziert.. Hier erstmal mein HijackThis File... Logfile of HijackThis v1.99.1 Scan saved at 07:27:20, - Kann es einer anschauen......
Archiv
Du betrachtest: Kann es einer anschauen... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55