|
kann mir da jem was dazu sagen? Hallo, adware findet dauernd irgendwelche infizierten dateien...ich kenn mich mit trojaner und so nicht aus, aber hab dies mit hijacker gemacht und hier ist der ausdruck: Logfile of HijackThis v1.99.1 Scan saved at 21:53:03, on 18.02.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\Explorer.EXE C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\FSI\F-Prot\fpavupdm.exe C:\Programme\Norton AntiVirus\navapsvc.exe C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\Analog Devices\SoundMAX\SMAgent.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe C:\Programme\Apoint2K\Apoint.exe C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Apoint2K\Apntex.exe C:\Programme\QuickTime\qttask.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\HPQ\Quick Launch Buttons\EabServr.exe C:\Programme\FSI\F-Prot\F-Sched.exe C:\Programme\FSI\F-Prot\F-StopW.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Messenger\msmsgs.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe C:\Programme\NETGEAR MA521 Adapter\wlancfg5.exe C:\Programme\Corel\Graphics9\Register\Remind32.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Adobe\Acrobat 6.0\Reader\AcroRd32.exe C:\Programme\Internet Explorer\iexplore.exe C:\DOKUME~1\DENISE~1\LOKALE~1\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Cpqset] C:\Programme\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [UpdateManager] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programme\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe O4 - HKLM\..\Run: [mwavscan] "C:\DOKUME~1\DENISE~1\LOKALE~1\Temp\mwavscan.com" /s O4 - HKLM\..\Run: [FRISK FP-Scheduler] C:\Programme\FSI\F-Prot\F-Sched.exe STARTUP O4 - HKLM\..\Run: [F-StopW] C:\Programme\FSI\F-Prot\F-StopW.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet O4 - Startup: Corel Registration.lnk = C:\Programme\Corel\Graphics9\Register\Remind32.exe O4 - Global Startup: MA521 Configuration Utility.lnk = C:\Programme\NETGEAR MA521 Adapter\wlancfg5.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Programme\IrfanView\Ebay\Ebay.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=Q105&bd=pavilion&pf=laptop O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: F-Prot Antivirus Update Monitor - FRISK Software - C:\Programme\FSI\F-Prot\fpavupdm.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programme\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe kann mir jemand helfen und sagen was da los ist? anfangs wurd ich immer auf polizeibedarf umgeleitet und ich hab das gefühl, dass ich diese identifizierten dateien lösche, aber die immer wieder kommen und vielleicht vermehren sie sich ja soga .. :pfui: naja...hoff auf feedback :confused: danke usy |
Hallo, Zitat:
Ich sehe auf Anhieb keine Auffälligkeiten in deinem Log-File. Poste die Warnmeldungen von Ad-Aware und führe dies noch aus: Lade und scanne mit eScan AntiVirus im abgesicherten Modus wie beschrieben. Poste anschliessend die Virus Log Information von eScan AntiVirus: Öffne die mwav.log im Ordner C:\bases -> Bearbeiten -> Suchen -> infected oder tagged eingeben -> Weitersuchen -> Treffer markieren/kopieren und ins Forum übertragen. |
adware muss wohl auf zweimal Lavasoft Ad-aware Personal Build 6.181 Logfile created on :Samstag, 19. Februar 2005 12:26:21 Created with Ad-aware Personal, free for private use. Using reference-file :01R347 26.10.2004 ______________________________________________________ Ad-aware Settings ========================= Set : Activate in-depth scan (Recommended) Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep scan registry 19.02.2005 12:26:21 - Scan started. (Smart mode) Listing running processes ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ #:1 [smss.exe] FilePath : \SystemRoot\System32\ ThreadCreationTime : 19.02.2005 09:51:04 BasePriority : Normal #:2 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 09:51:06 BasePriority : High #:3 [services.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 09:51:07 BasePriority : Normal FileSize : 106 KB FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 CompanyName : Microsoft Corporation FileDescription : Anwendung f InternalName : services.exe OriginalFilename : services.exe ProductName : Betriebssystem Microsoft Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:26:21 Last modified : 04.08.2004 08:00:00 #:4 [lsass.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 09:51:07 BasePriority : Normal FileSize : 13 KB FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe OriginalFilename : lsass.exe ProductName : Microsoft Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:26:21 Last modified : 04.08.2004 08:00:00 #:5 [svchost.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 09:51:08 BasePriority : Normal FileSize : 14 KB FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:26:21 Last modified : 04.08.2004 08:00:00 #:6 [svchost.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 19.02.2005 09:51:08 BasePriority : Normal FileSize : 14 KB FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:26:21 Last modified : 04.08.2004 08:00:00 |
Teil zwei adaware #:7 [ccsetmgr.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ThreadCreationTime : 19.02.2005 09:51:10 BasePriority : Normal FileSize : 161 KB FileVersion : 103.0.1.26 ProductVersion : 103.0.1.26 Copyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Symantec Settings Manager Service InternalName : ccSetMgr OriginalFilename : ccSetMgr.exe ProductName : Client and Host Security Platform Created on : 24.08.2004 21:35:00 Last accessed : 19.02.2005 10:54:53 Last modified : 24.08.2004 21:35:00 #:8 [sndsrvc.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ThreadCreationTime : 19.02.2005 09:51:10 BasePriority : Normal FileSize : 201 KB FileVersion : 5.4.4.17 ProductVersion : 5.4 Copyright : Copyright 2002, 2003, 2004 Symantec Corporation CompanyName : Symantec Corporation FileDescription : Network Driver Service InternalName : SndSrvc OriginalFilename : SndSrvc.exe ProductName : Symantec Security Drivers Created on : 21.01.2005 21:32:12 Last accessed : 19.02.2005 11:17:08 Last modified : 21.01.2005 21:32:12 #:9 [explorer.exe] FilePath : C:\WINDOWS\ ThreadCreationTime : 19.02.2005 09:51:10 BasePriority : Normal FileSize : 1011 KB FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer OriginalFilename : EXPLORER.EXE ProductName : Betriebssystem Microsoft Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:26:21 Last modified : 04.08.2004 08:00:00 #:10 [spbbcsvc.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\ ThreadCreationTime : 19.02.2005 09:51:10 BasePriority : Normal FileSize : 169 KB FileVersion : 1,0,1,47 ProductVersion : 1,0,1,47 Copyright : Copyright (c) 2004 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : SPBBC Service InternalName : SPBBCSvc OriginalFilename : SPBBCSvc.exe ProductName : SPBBC Created on : 21.07.2004 21:24:04 Last accessed : 19.02.2005 11:26:22 Last modified : 21.07.2004 21:24:04 #:11 [ccevtmgr.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ThreadCreationTime : 19.02.2005 09:51:10 BasePriority : Normal FileSize : 193 KB FileVersion : 103.0.1.26 ProductVersion : 103.0.1.26 Copyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Symantec Event Manager Service InternalName : ccEvtMgr OriginalFilename : ccEvtMgr.exe ProductName : Client and Host Security Platform Created on : 24.08.2004 21:33:52 Last accessed : 19.02.2005 11:17:06 Last modified : 24.08.2004 21:33:52 #:12 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 09:51:11 BasePriority : Normal FileSize : 56 KB FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe OriginalFilename : spoolsv.exe ProductName : Microsoft Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:26:22 Last modified : 04.08.2004 08:00:00 #:13 [navapsvc.exe] FilePath : C:\Programme\Norton AntiVirus\ ThreadCreationTime : 19.02.2005 09:51:18 BasePriority : Normal FileSize : 172 KB FileVersion : 11.0.1.3 ProductVersion : 11.0.1 Copyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC OriginalFilename : NAVAPSVC.EXE ProductName : Norton AntiVirus Created on : 24.08.2004 22:29:58 Last accessed : 19.02.2005 11:17:00 Last modified : 24.08.2004 22:29:58 #:14 [npfmntor.exe] FilePath : C:\Programme\Norton AntiVirus\IWP\ ThreadCreationTime : 19.02.2005 09:51:18 BasePriority : Normal FileSize : 45 KB FileVersion : 11.0.1.3 ProductVersion : 11.0.1 Copyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Firewall Install Monitor InternalName : NPFMonitor OriginalFilename : NPFMonitor.EXE ProductName : Norton AntiVirus Created on : 18.08.2004 12:44:56 Last accessed : 19.02.2005 11:26:22 Last modified : 18.08.2004 12:44:56 #:15 [nvsvc32.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 09:51:18 BasePriority : Normal FileSize : 72 KB FileVersion : 6.14.10.4716 ProductVersion : 6.14.10.4716 Copyright : (C) NVIDIA Corporation. All rights reserved. CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 47.16 InternalName : NVSVC OriginalFilename : nvsvc32.exe ProductName : NVIDIA Driver Helper Service, Version 47.16 Created on : 07.04.2004 19:22:00 Last accessed : 19.02.2005 11:26:22 Last modified : 07.04.2004 19:22:00 #:16 [smagent.exe] FilePath : C:\Programme\Analog Devices\SoundMAX\ ThreadCreationTime : 19.02.2005 09:51:21 BasePriority : Normal FileSize : 44 KB FileVersion : 3, 2, 6, 0 ProductVersion : 3, 2, 6, 0 Copyright : Copyright CompanyName : Analog Devices, Inc. FileDescription : SoundMAX service agent component InternalName : SMAgent OriginalFilename : SMAgent.exe ProductName : SoundMAX service agent Created on : 23.11.2004 05:18:10 Last accessed : 19.02.2005 11:26:23 Last modified : 20.09.2002 14:50:10 #:17 [symwsc.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\ ThreadCreationTime : 19.02.2005 09:51:21 BasePriority : Normal FileSize : 309 KB FileVersion : 2005.1.2.20 ProductVersion : 2005.1 Copyright : Copyright (c) 1997-2004 Symantec Corporation CompanyName : Symantec Corporation FileDescription : Norton Security Center Service InternalName : SymWSC.exe OriginalFilename : SymWSC.exe ProductName : Norton Security Center Created on : 05.08.2004 16:23:10 Last accessed : 19.02.2005 11:26:23 Last modified : 02.11.2004 15:59:50 |
teil drei...adware #:18 [apoint.exe] FilePath : C:\Programme\Apoint2K\ ThreadCreationTime : 19.02.2005 09:51:34 BasePriority : Normal FileSize : 156 KB FileVersion : 5.3.10.177 ProductVersion : 5.3.10.177 Copyright : Copyright (C) 1999-2003 Alps Electric Co., Ltd. CompanyName : Alps Electric Co., Ltd. FileDescription : Alps Pointing-device Driver InternalName : Alps Pointing-device Driver OriginalFilename : Apoint.exe ProductName : Alps Pointing-device Driver Created on : 08.10.2003 03:40:00 Last accessed : 19.02.2005 11:26:23 Last modified : 08.10.2003 03:40:00 #:19 [ituneshelper.exe] FilePath : C:\Programme\iTunes\ ThreadCreationTime : 19.02.2005 09:51:35 BasePriority : Normal FileSize : 280 KB FileVersion : 4.6.0.15 ProductVersion : 4.6.0.15 CompanyName : Apple Computer, Inc. FileDescription : iTunesHelper Module InternalName : iTunesHelper OriginalFilename : iTunesHelper.exe ProductName : iTunes Created on : 08.06.2004 15:19:00 Last accessed : 19.02.2005 11:26:23 Last modified : 08.06.2004 15:19:0 #:20 [qttask.exe] FilePath : C:\Programme\QuickTime\ ThreadCreationTime : 19.02.2005 09:51:35 BasePriority : Normal FileSize : 96 KB FileVersion : 6.5.1 ProductVersion : QuickTime 6.5.1 CompanyName : Apple Computer, Inc. InternalName : QuickTime Task OriginalFilename : QTTask.exe ProductName : QuickTime Created on : 23.11.2004 05:45:58 Last accessed : 19.02.2005 11:26:23 Last modified : 23.11.2004 05:45:58 #:21 [ccapp.exe] FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\ ThreadCreationTime : 19.02.2005 09:51:35 BasePriority : Normal FileSize : 57 KB FileVersion : 103.0.1.26 ProductVersion : 103.0.1.26 Copyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Symantec User Session InternalName : ccApp OriginalFilename : ccApp.exe ProductName : Client and Host Security Platform Created on : 24.08.2004 21:33:26 Last accessed : 19.02.2005 11:26:23 Last modified : 24.08.2004 21:33:26 #:22 [ipodservice.exe] FilePath : C:\Programme\iPod\bin\ ThreadCreationTime : 19.02.2005 09:51:36 BasePriority : Normal FileSize : 392 KB FileVersion : 4.6.0.15 ProductVersion : 4.6.0.15 CompanyName : Apple Computer, Inc. FileDescription : iPodService Module InternalName : iPodService OriginalFilename : iPodService.exe ProductName : iTunes Created on : 08.06.2004 15:19:00 Last accessed : 19.02.2005 11:26:23 Last modified : 08.06.2004 15:19:00 #:23 [eabservr.exe] FilePath : C:\Programme\HPQ\Quick Launch Buttons\ ThreadCreationTime : 19.02.2005 09:51:36 BasePriority : Normal FileSize : 284 KB FileVersion : 5, 0, 3, 1 ProductVersion : 5, 0, 3, 1 Copyright : Copyright CompanyName : Hewlett-Packard FileDescription : Quick Launch Buttons InternalName : eabsrvr OriginalFilename : eabsrvr.exe ProductName : Quick Launch Buttons Created on : 23.11.2004 05:49:02 Last accessed : 19.02.2005 10:47:44 Last modified : 19.08.2004 10:50:18 #:24 [agrsmmsg.exe] FilePath : C:\WINDOWS\ ThreadCreationTime : 19.02.2005 09:51:37 BasePriority : Normal FileSize : 86 KB FileVersion : 2.1.41.10 2.1.41.10 06/29/2004 09:06:35 ProductVersion : 2.1.41.10 2.1.41.10 06/29/2004 09:06:35 Copyright : Copyright CompanyName : Agere Systems FileDescription : SoftModem Messaging Applet InternalName : smdmstat.exe OriginalFilename : smdmstat.exe ProductName : Agere SoftModem Messaging Applet Created on : 03.09.2004 12:52:00 Last accessed : 19.02.2005 11:26:23 Last modified : 03.09.2004 12:52:00 #:25 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 09:51:37 BasePriority : Normal FileSize : 15 KB FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON OriginalFilename : CTFMON.EXE ProductName : Microsoft Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:26:23 Last modified : 04.08.2004 08:00:00 #:26 [ypager.exe] FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\ ThreadCreationTime : 19.02.2005 09:51:37 BasePriority : Normal FileSize : 2444 KB FileVersion : 6,0,0,1750 ProductVersion : 6,0,0,1750 Copyright : Copyright 1998-2004 CompanyName : Yahoo! Inc. FileDescription : Yahoo! Messenger InternalName : Yahoo! Messengerr OriginalFilename : YPager.exe ProductName : Yahoo! Messenger Created on : 02.02.2005 13:49:39 Last accessed : 19.02.2005 11:17:06 Last modified : 06.08.2004 14:33:46 #:27 [wlancfg5.exe] FilePath : C:\Programme\NETGEAR MA521 Adapter\ ThreadCreationTime : 19.02.2005 09:51:38 BasePriority : Normal FileSize : 416 KB FileVersion : 1, 2, 0, 4 ProductVersion : 1, 2, 0, 4 Copyright : Copyright (C) 2003 InternalName : ClientCU ProductName : ClientCU Application Created on : 28.11.2003 01:01:20 Last accessed : 19.02.2005 11:17:05 Last modified : 28.11.2003 01:01:20 |
der rest...sorry war so viel #:28 [apntex.exe] FilePath : C:\Programme\Apoint2K\ ThreadCreationTime : 19.02.2005 09:51:38 BasePriority : Normal FileSize : 44 KB FileVersion : 5.0.1.15 ProductVersion : 5.0.1.15 Copyright : Copyright (C) 1998-2003 Alps Electric Co., Ltd. CompanyName : Alps Electric Co., Ltd. FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP InternalName : Alps Pointing-device Driver for Windows NT/2000/XP OriginalFilename : ApntEx.exe ProductName : Alps Pointing-device Driver for Windows NT/2000/XP Created on : 08.10.2003 03:40:00 Last accessed : 19.02.2005 11:26:23 Last modified : 08.10.2003 03:40:00 #:29 [remind32.exe] FilePath : C:\Programme\Corel\Graphics9\Register\ ThreadCreationTime : 19.02.2005 09:51:39 BasePriority : Normal FileSize : 66 KB FileVersion : 2,5,1,0 ProductVersion : 2,5,1,0 CompanyName : IntelliQuest Communications, Inc. FileDescription : Remind32.exe InternalName : Remind32.exe OriginalFilename : Remind32.exe ProductName : Intelliquest Reminder Application Created on : 04.02.2005 07:59:51 Last accessed : 19.02.2005 11:26:23 Last modified : 23.07.1998 09:51:26 #:30 [msiexec.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 19.02.2005 11:23:18 BasePriority : Normal FileSize : 75 KB FileVersion : 3.0.3790.2180 ProductVersion : 3.0.3790.2180 CompanyName : Microsoft Corporation FileDescription : Windows InternalName : msiexec OriginalFilename : msiexec.exe ProductName : Windows Installer - Unicode Created on : 04.08.2004 08:00:00 Last accessed : 19.02.2005 11:23:17 Last modified : 04.08.2004 08:00:00 #:31 [ad-aware.exe] FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\ ThreadCreationTime : 19.02.2005 11:26:15 BasePriority : Normal FileSize : 668 KB FileVersion : 6.0.1.181 ProductVersion : 6.0.0.0 Copyright : Copyright CompanyName : Lavasoft Sweden FileDescription : Ad-aware 6 core application InternalName : Ad-aware.exe OriginalFilename : Ad-aware.exe ProductName : Lavasoft Ad-aware Plus Created on : 04.02.2005 11:24:44 Last accessed : 19.02.2005 11:26:15 Last modified : 12.07.2003 20:00:20 Memory scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 0 Started registry scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Registry scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 0 Started deep registry scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Deep registry scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 0 ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Tracking Cookie Object recognized! Type : File Data : meinname@2o7[1].txt Object : C:\Dokumente und Einstellungen\MeinName\Cookies\ Created on : 19.02.2005 10:03:06 Last accessed : 19.02.2005 11:27:41 Last modified : 19.02.2005 10:10:26 Tracking Cookie Object recognized! Type : File Data : mein name@as1.falkag[1].txt Object : C:\Dokumente und Einstellungen\Mein Name\Cookies\ Created on : 19.02.2005 09:33:18 Last accessed : 19.02.2005 11:27:41 Last modified : 19.02.2005 09:33:18 ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Deep scanning and examining files (C:) ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Performing conditional scans.. ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Conditional scan result: ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 2 12:28:09 Scan complete Summary of this scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Total scanning time :00:01:47:844 Objects scanned :47606 Objects identified :2 Objects ignored :0 New objects :2 |
Editiere schnellstmöglich deinen Realname am Ende des Ad-Aware Logs.;) Zitat:
http://www.www-kurs.de/cookies.htm |
Oups...kannst mir dazu noch was sagen? realname??? was wo? kenn mich nun gar net mehr aus. Hab ich jetzt nen wurm oder nicht? was hat es mit diesem realnamen auf sich ?? sorry wenn ich blöd frage..kenn mich aber null aus mit solchen sachen danke usy |
hi nochmal.... abgesehen von dem realnamen ändern...wo ich nicht weiss wo das geht hab ich im ordner cookies eine Datei die nennt sich INDEX...ist eine DAT datei...die geht nicht zu löschen! danke euch und warte auf antwort ;) usy |
editieren...okay weiss nun ... danke und was heisst das nun mit Tracking Cookie Object recognized ??? was bedeutet das? danke usy |
Zitat:
Deinen Realname hast du ja jetzt endlich editiert. Zitat:
Zitat:
Du kannst aber zur Sicherheit mal dies ausführen: Lade und scanne mit eScan AntiVirus im abgesicherten Modus wie beschrieben. Poste anschliessend die Virus Log Information von eScan AntiVirus: Öffne die mwav.log im Ordner C:\bases -> Bearbeiten -> Suchen -> infected oder tagged eingeben -> Weitersuchen -> Treffer markieren/kopieren und ins Forum übertragen. |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 17:58 Uhr. |
Copyright ©2000-2025, Trojaner-Board