|
Log analysis and evaluation: another cry for help |
14.11.2005, 12:41 | #1 |
| another cry for help Hello everyone, I'm asking you for help once again, because my machine simply no longer does what I want and I really want to avoid a format c. My problem is that it tells me I no longer have admin rights, and I can't delete programs or install new ones. I ran HijackThis and fixed everything I could fix, but some nasty things ignore that. At the moment the whole thing looks like this: http://www.hijackthis.de/logfiles/54...dfe3aab94.html Please, please help me get my computer back into a state where I enjoy switching it on again. Many thanks in advance |
14.11.2005, 14:03 | #2 |
| another cry for help Hi!
Run escan following Cidre's guide http://www.trojaner-board.de/showthread.php?t=17492 in safe mode http://www.systemwiederherstellung-d...indows-xp.html and then post the output of Hauis45's 'find.bat' (which is also described in the guide). Follow the guide exactly (escan location: extract to C:\bases_x, update before the scan, language setting "English", set all checkboxes as described), otherwise find.bat will not work. Read the guide all the way through first, or you may overlook something! stupormundi |
16.11.2005, 11:30 | #3 |
| another cry for help ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Mon Nov 14 16:01:59 2005 => System found infected with dyfuca Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with mybar Spyware/Adware ({0494d0d1-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with windupdates.media pass Spyware/Adware ({1e5f0d38-214b-4085-ad2a-d2290e6a2d2c})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with adware.zangosearch Spyware/Adware ({21b4acc4-8874-4aec-aeac-f567a249b4d4})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with ad-protect Spyware/Adware ({b51dc573-e998-4834-9b45-bab7c2ae0a75})! Action taken: No Action Taken. Mon Nov 14 16:01:59 2005 => System found infected with gain dashbar Spyware/Adware ({cc90cda0-74a0-45b4-80ef-d89ca8c249b8})! Action taken: No Action Taken. Mon Nov 14 16:02:00 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken. Mon Nov 14 16:02:00 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken. 
Mon Nov 14 16:02:00 2005 => System found infected with dyfuca Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken. Mon Nov 14 16:02:00 2005 => System found infected with mybar Spyware/Adware ({0494d0d1-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken. Mon Nov 14 16:02:00 2005 => System found infected with adware.zangosearch Spyware/Adware ({21b4acc4-8874-4aec-aeac-f567a249b4d4})! Action taken: No Action Taken. Mon Nov 14 16:02:00 2005 => System found infected with ad-protect Spyware/Adware ({b51dc573-e998-4834-9b45-bab7c2ae0a75})! Action taken: No Action Taken. Mon Nov 14 16:02:00 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken. Mon Nov 14 16:02:00 2005 => System found infected with windupdates.media pass Spyware/Adware ({735c5a0c-f79f-47a1-8ca1-2a2e482662a8})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with media pass Spyware/Adware ({15696ae2-6ea4-47f4-bea6-a3d32693efc7})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with media pass Spyware/Adware ({00ada225-ea6c-4fb3-82e8-68189201ccb9})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with myway Spyware/Adware ({0494d0d4-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with bonzibuddy Spyware/Adware ({0a45db4d-bd0d-11d2-8d14-00104b9e072a})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with bonzibuddy Spyware/Adware ({0a45db4e-bd0d-11d2-8d14-00104b9e072a})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with dyfuca Spyware/Adware ({1c01d150-91a4-4de0-9bf8-a35d1bdf1001})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with bonzibuddy Spyware/Adware ({e91e27a2-c5ae-11d2-8d1b-00104b9e072a})! Action taken: No Action Taken. 
Mon Nov 14 16:03:28 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken. Mon Nov 14 16:03:28 2005 => System found infected with windupdates.media pass Spyware/Adware ({735c5a0c-f79f-47a1-8ca1-2a2e482662a8})! Action taken: No Action Taken. Mon Nov 14 16:03:30 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken. Mon Nov 14 16:03:30 2005 => System found infected with windupdate Spyware/Adware (ide21201.vxd)! Action taken: No Action Taken. Mon Nov 14 16:03:30 2005 => System found infected with ezula Spyware/Adware (instsrv.exe)! Action taken: No Action Taken. Mon Nov 14 16:03:30 2005 => System found infected with globosearch Spyware/Adware (popup_bl.dll)! Action taken: No Action Taken. Mon Nov 14 16:03:38 2005 => System found infected with whistlesoftware Spyware/Adware (uninstall.ini)! Action taken: No Action Taken. Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (mdx.dll)! Action taken: No Action Taken. Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (moo.dll)! Action taken: No Action Taken. Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (views.mdx)! Action taken: No Action Taken. Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (remote.ini)! Action taken: No Action Taken. Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (mdx.dll)! Action taken: No Action Taken. Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (views.mdx)! Action taken: No Action Taken. Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (mdx.dll)! Action taken: No Action Taken. Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (views.mdx)! Action taken: No Action Taken. 
Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (moo.dll)! Action taken: No Action Taken. Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (remote.ini)! Action taken: No Action Taken. Mon Nov 14 16:03:43 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:43 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:45 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. Mon Nov 14 16:03:45 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Mon Nov 14 16:03:46 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Mon Nov 14 16:03:46 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:51 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:52 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken. Mon Nov 14 16:03:52 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:53 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. 
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken. Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken. Mon Nov 14 16:04:01 2005 => System found infected with istbar Spyware/Adware (loaderx.exe)! Action taken: No Action Taken. Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken. Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken. Mon Nov 14 16:04:01 2005 => System found infected with istbar Spyware/Adware (loaderx.exe)! Action taken: No Action Taken. Mon Nov 14 16:17:25 2005 => File C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\zcount.jar-2ad46c4b-4c87eb7f.zip infected by "Exploit.Java.ByteVerify" Virus! Action Taken: No Action Taken. 
Mon Nov 14 16:59:54 2005 => Scanning File C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\Infected.wav Mon Nov 14 17:36:48 2005 => Total Disinfected Files: 0 |
16.11.2005, 11:31 | #4 |
| another cry for help Funde für "tagged" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Mon Nov 14 15:55:22 2005 => File C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL tagged as "not-a-virus:AdWare.Win32.MyWay.g". Action Taken: No Action Taken. Mon Nov 14 15:55:22 2005 => File c:\programme\180searchassistant\sachook.dll tagged as "not-a-virus:AdWare.Win32.180Solutions.p". Action Taken: No Action Taken. Mon Nov 14 15:57:38 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\hijackthis_199\backups\backup-20051111-102130-886.dll tagged as "not-a-virus:AdWare.Win32.WinAD.af". Action Taken: No Action Taken. Mon Nov 14 15:58:15 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Nov 14 15:58:26 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Nov 14 15:59:17 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Nov 14 16:00:42 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken. Mon Nov 14 16:00:51 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken. 
Mon Nov 14 16:01:06 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL.CRACKED-MiNT\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL\m-su6002\ServUSetup.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.gen. No Action Taken. Mon Nov 14 16:04:16 2005 => File C:\WINDOWS\azkvmx.exe tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken. Mon Nov 14 16:04:17 2005 => File C:\WINDOWS\Chat[cfl-10018,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 16:04:26 2005 => File C:\WINDOWS\hausaufgaben.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 16:04:26 2005 => File C:\WINDOWS\IEMenuExtension.exe tagged as "not-a-virus:AdWare.Win32.Ucmore.e". Action Taken: No Action Taken. Mon Nov 14 16:04:30 2005 => File C:\WINDOWS\p2p.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 16:04:33 2005 => File C:\WINDOWS\radiofox.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 16:04:45 2005 => File C:\WINDOWS\vitalinet[vlt-10011,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 16:07:00 2005 => File C:\WINDOWS\System32\searchdll.dll tagged as "not-a-virus:AdWare.Win32.Serch.a". Action Taken: No Action Taken. Mon Nov 14 16:07:44 2005 => File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\DelF.tmp tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken. Mon Nov 14 16:12:56 2005 => File C:\DOKUME~1\ADMINI~1\LOKALE~1\TEMPOR~1\Content.IE5\QDSTEF85\content23603-0[1].htm tagged as "not-a-virus:AdWare.Win32.Gator.k". Action Taken: No Action Taken. 
Mon Nov 14 16:19:16 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\hijackthis_199\backups\backup-20051111-102130-886.dll tagged as "not-a-virus:AdWare.Win32.WinAD.af". Action Taken: No Action Taken. Mon Nov 14 16:19:52 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Nov 14 16:20:02 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Nov 14 16:20:52 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Nov 14 16:22:15 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken. Mon Nov 14 16:22:19 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken. Mon Nov 14 16:22:34 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL.CRACKED-MiNT\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL\m-su6002\ServUSetup.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.gen. No Action Taken. Mon Nov 14 16:23:19 2005 => File C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\DelF.tmp tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken. 
Mon Nov 14 16:28:00 2005 => File C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\QDSTEF85\content23603-0[1].htm tagged as "not-a-virus:AdWare.Win32.Gator.k". Action Taken: No Action Taken. Mon Nov 14 16:32:52 2005 => File C:\Dokumente und Einstellungen\Audion\Lokale Einstellungen\Temp\asmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.l". Action Taken: No Action Taken. Mon Nov 14 16:33:11 2005 => File C:\Dokumente und Einstellungen\Audion\Lokale Einstellungen\Temp\__unin__.exe tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken. Mon Nov 14 16:45:52 2005 => File C:\Program Files\hbt\dialers\blondes\blondes.exe tagged as "not-a-virusialer.Win32.gen". Action Taken: No Action Taken. Mon Nov 14 16:45:52 2005 => File C:\Program Files\Media Access\MediaAccess.exe tagged as "not-a-virus:AdWare.Win32.WinAD.af". Action Taken: No Action Taken. Mon Nov 14 16:45:52 2005 => File C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Nov 14 16:48:36 2005 => File C:\Programme\DashBar\DashBar15.dll tagged as "not-a-virus:AdWare.Win32.Gator.b". Action Taken: No Action Taken. Mon Nov 14 16:48:55 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\CMEIIAPI.dll tagged as "not-a-virus:AdWare.Win32.Gator.5115". Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GController.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GDwldEng.dll tagged as "not-a-virus:AdWare.Win32.Gator.3124". Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIocl.dll tagged as "not-a-virus:AdWare.Win32.Gator.6041". Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIoclClient.dll tagged as "not-a-virus:AdWare.Win32.Gator.6041". 
Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GMTProxy.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GObjs.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStore.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken. Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStoreServer.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken. Mon Nov 14 16:52:00 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGIEProcess.dll tagged as "not-a-virus:AdWare.Win32.Gator.5017". Action Taken: No Action Taken. Mon Nov 14 16:52:00 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGNSEngine.dll tagged as "not-a-virus:AdWare.Win32.Gator.5017". Action Taken: No Action Taken. Mon Nov 14 16:52:00 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GatorRes.dll tagged as "not-a-virus:AdWare.Win32.Gator.6041". Action Taken: No Action Taken. Mon Nov 14 16:52:01 2005 => File C:\Programme\Gemeinsame Dateien\GMT\gtrawbm.fil tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken. Mon Nov 14 16:53:23 2005 => File C:\Programme\Gemeinsame Dateien\ptnplnlj\nnptrchh\hpbhbcln.exe tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken. Mon Nov 14 16:53:23 2005 => File C:\Programme\Gemeinsame Dateien\ptnplnlj\pncttpcldl\pfbjbdjar.exe tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken. Mon Nov 14 17:08:04 2005 => File C:\Programme\MyWay\myBar\1.bin\MY2NS.EXE tagged as "not-a-virus:AdWare.Win32.MyWay.b". Action Taken: No Action Taken. Mon Nov 14 17:08:04 2005 => File C:\Programme\MyWay\myBar\1.bin\NPMYWAY.DLL tagged as "not-a-virus:AdWare.Win32.MyWay.f". Action Taken: No Action Taken. 
Mon Nov 14 17:08:10 2005 => File C:\Programme\PrecisionTime\PrecisionTime.exe tagged as "not-a-virus:AdWare.Win32.Gator.2300". Action Taken: No Action Taken. Mon Nov 14 17:08:10 2005 => File C:\Programme\PrecisionTime\PTUninstaller.exe tagged as "not-a-virus:AdWare.Win32.DashBar.d". Action Taken: No Action Taken. Mon Nov 14 17:08:12 2005 => File C:\Programme\Serv-U\ServUAdmin.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.5201. No Action Taken. Mon Nov 14 17:08:12 2005 => File C:\Programme\Serv-U\ServUDaemon.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.gen. No Action Taken. Mon Nov 14 17:08:12 2005 => File C:\Programme\Serv-U\ServUTray.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.5201. No Action Taken. Mon Nov 14 17:08:34 2005 => File C:\Programme\TopConverting\arkanoid\arkanoid.exe tagged as "not-a-virus:AdWare.Win32.WinShow.f". Action Taken: No Action Taken. Mon Nov 14 17:09:29 2005 => File C:\Programme\Weisseradler-Script 1.071\Weisseradler-Script.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken. Mon Nov 14 17:10:03 2005 => File C:\RECYCLER\S-1-5-21-1935655697-1563985344-1957994488-1003\Dc4.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.5000. No Action Taken. Mon Nov 14 17:10:22 2005 => File C:\RECYCLER\S-1-5-21-1935655697-1563985344-1957994488-500\Dc140.exe tagged as "not-a-virus:AdWare.Win32.Gator.5112". Action Taken: No Action Taken. Mon Nov 14 17:10:24 2005 => File C:\RECYCLER\S-1-5-21-1935655697-1563985344-1957994488-500\Dc142.exe tagged as "not-a-virus:AdWare.Win32.Gator.7035". Action Taken: No Action Taken. Mon Nov 14 17:16:03 2005 => File C:\WINDOWS\azkvmx.exe tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken. Mon Nov 14 17:16:04 2005 => File C:\WINDOWS\Chat[cfl-10018,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. 
Mon Nov 14 17:16:18 2005 => File C:\WINDOWS\Downloaded Program Files\WONWebLauncherControl.ocx tagged as "not-a-virus:AdWare.Win32.iWon.c". Action Taken: No Action Taken. Mon Nov 14 17:18:53 2005 => File C:\WINDOWS\hausaufgaben.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 17:21:59 2005 => File C:\WINDOWS\IEMenuExtension.exe tagged as "not-a-virus:AdWare.Win32.Ucmore.e". Action Taken: No Action Taken. Mon Nov 14 17:24:38 2005 => File C:\WINDOWS\p2p.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 17:25:40 2005 => File C:\WINDOWS\radiofox.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. Mon Nov 14 17:35:33 2005 => File C:\WINDOWS\system32\searchdll.dll tagged as "not-a-virus:AdWare.Win32.Serch.a". Action Taken: No Action Taken. Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken. Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\adm25.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken. Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\adm4.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken. Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\admdloader.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.3039". Action Taken: No Action Taken. Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\admfdi.dll tagged as "not-a-virus:AdWare.Win32.Altnet.j". Action Taken: No Action Taken. Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\admprog.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken. Mon Nov 14 17:36:36 2005 => File C:\WINDOWS\Temp\Altnet\dmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken. 
Mon Nov 14 17:36:36 2005 => File C:\WINDOWS\Temp\Altnet\mysearch.cab tagged as "not-a-virus:AdWare.Win32.MyWay.g". Action Taken: No Action Taken. Mon Nov 14 17:36:37 2005 => File C:\WINDOWS\Temp\Altnet\pmexe.cab tagged as "not-a-virus:AdWare.Win32.Altnet.h". Action Taken: No Action Taken. Mon Nov 14 17:36:37 2005 => File C:\WINDOWS\Temp\Altnet\pmfiles.cab tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.1007". Action Taken: No Action Taken. Mon Nov 14 17:36:37 2005 => File C:\WINDOWS\Temp\Altnet\Setup.exe tagged as "not-a-virus:AdWare.Win32.Altnet.b". Action Taken: No Action Taken. Mon Nov 14 17:36:41 2005 => File C:\WINDOWS\vitalinet[vlt-10011,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "offending" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\dashbar !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\media access !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\precisiontime !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\topconverting !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\avenue media !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\gator.com !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\kazaa !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\media access !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\myway !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\p2p networking !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\topconverting !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKCU\Software\avenue media !!! 
Mon Nov 14 16:03:29 2005 => Offending Key found: HKCU\Software\gnu !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\policies\avenue media !!! Mon Nov 14 16:03:29 2005 => Offending Key found: HKCU\Software\policies\avenue media !!! Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\smdat32a.sys Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\WINDOWS\TEMP\adware Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\WINDOWS\TEMP\altnet Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\System32\ide21201.vxd Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\System32\instsrv.exe Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\System32\popup_bl.dll Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\180searchassistant Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\dashbar Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\gator.com Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\kazaa Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\myway Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\perfectnav Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\precisiontime Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\topconverting Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\Gemeinsame Dateien\cmeii Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\Gemeinsame Dateien\gmt Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\fitting\044\uninstall.ini Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\dll\mdx.dll Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\dll\moo.dll Mon Nov 14 
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Nov 14 17:36:48 2005 => Total Virus(es) Found: 183
Mon Nov 14 17:36:48 2005 => Total Errors: 27
Mon Nov 14 17:36:48 2005 => Time Elapsed: 01:41:04
Mon Nov 14 17:36:48 2005 => Total Objects Scanned: 86783
Mon Nov 14 15:54:07 2005 => Virus Database Date: 2005/11/14
Mon Nov 14 17:36:48 2005 => Virus Database Date: 2005/11/14
Wed Nov 16 09:07:23 2005 => Virus Database Date: 2005/11/14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~ |
16.11.2005, 11:55 | #5 |
| Another cry for help Hello, oh my goodness, how can anyone pick up so much ad/spyware? All right, do the following: get the programs Ad-Aware, Spybot and Ewido and scan the system with them, then run CleanUp! over it once more, delete the file MWAV.LOG, let eScan scan again and post the result again. Regards, Wildone |