Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Bitte um Hilfe bei Auswertung (https://www.trojaner-board.de/18401-bitte-um-hilfe-auswertung.html)

miranda74 30.05.2005 10:59
Bitte um Hilfe bei Auswertung
 
Hallo,

seit gut 2 Wochen läuft mein Rechner nicht mehr sauber!
Wer kann mir genau sagen woran es liegen könnte??

Logfile of HijackThis v1.99.1
Scan saved at 11:45:03, on 30.05.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Dokumente und Einstellungen\hakim\Desktop\exeknut\exeknut.exe
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\lbxt.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Meaya\Popup Ad Filter\PopFilter.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\SpamPal\spampal.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\DOKUME~1\hakim\LOKALE~1\Temp\mwavscan.com
C:\DOKUME~1\hakim\LOKALE~1\Temp\kavss.exe
C:\PROGRA~1\ANTI-L~1\ALIE_1~1.9\alhlp.exe
C:\Dokumente und Einstellungen\hakim\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [exe knut] C:\Dokumente und Einstellungen\hakim\Desktop\exeknut\exeknut.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0S2.EXE /P23 "EPSON Stylus C66 Series" /O6 "USB002" /M "Stylus C66"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [JVM0.14] C:\WINDOWS\System32\lbxt.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [Popup Ad Filter] C:\Programme\Meaya\Popup Ad Filter\PopFilter.exe
O4 - Startup: SpamPal.lnk = C:\Programme\SpamPal\spampal.exe
O4 - Global Startup: CAPIControl.lnk = ?
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.versatel.de/internet-cd/
O16 - DPF: Win32 Classes -
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/31dd9f84...dxIE601_de.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B370999-70CF-4B98-8102-8137CECD1E1C}: NameServer = 62.72.64.241 62.72.64.237
O17 - HKLM\System\CS1\Services\Tcpip\..\{2B370999-70CF-4B98-8102-8137CECD1E1C}: NameServer = 62.72.64.241 62.72.64.237
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe

eScan_Logfile:

File C:\Programme\CSBB\CSBB.DLL tagged as "not-a-virus:AdWare.ClearSearch.p". Action Taken: No Action Taken.
File C:\WINDOWS\System32\lbxt.exe infected by "Backdoor.Win32.Agent.ec" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\System32\lbxt.exe infected by "Backdoor.Win32.Agent.ec" Virus! Action Taken: No Action Taken.
Object "Alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "MyBar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "MyBar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltnetBDE Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltnetBDE Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltnetBDE Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "myway Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AdDestroyer Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "PerfectNav Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "my way speedbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Claria Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "altnet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltnetBDE Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltnetBDE Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AdDestroyer Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AdDestroyer Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AdDestroyer Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AdDestroyer Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "cws.smartsearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:\WINDOWS\SYSTEM\danim.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:\WINDOWS\SYSTEM\ddrawex.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:\WINDOWS\SYSTEM\quartz.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSOWS407.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PUBPLACE.HTT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM32\AXDist.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\WinTV\hcwdlg.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOKUME~1\hakim\LOKALE~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\MARXDEV3.SYS". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\MARXDEV2.SYS". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\MARXDEV1.SYS". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\TDLPT.SYS". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\ASPI32.NT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\WINASPI.NT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\WNASPI32.NT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\WOWPOST.NT". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\mmrtkrnl.sys". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\mmrtkrnl.inf". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\CBUSB.inf". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\CBUSB.sys". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\Mmrtkrnl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\Mmrtkrnl.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Adobe\TypeSpt\MojiKumi\Photoshop6MojiKumi". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Adobe\Photoshop 7.0\Msvcrt10.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOKUME~1\hakim\LOKALE~1\Temp\closedbgout.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOKUME~1\hakim\LOKALE~1\Temp\enableirsocketutil.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Real\GToolbar\BarControl.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\pxwma.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\ac_usb.inf". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\FTD2XX.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\FTD2XX.SYS". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\FTD2XXUN.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\TDUSB.INF". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\TEMP\_ISTMP0.DIR\TDUSB.SYS". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0A6CCD87-4028-4802-9F20-5CB5311C87B2}" refers to invalid object "C:\DOKUME~1\hakim\Desktop\mp3SorT\AUDIOG~1.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0B627186-D013-4E4E-A1E4-09A1F43BDB2E}" refers to invalid object "C:\PROGRA~1\WinTV\hcwdlg.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0BB79661-3906-4688-B005-A80B8F8AE007}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1651F1A6-2ACE-4A40-8808-3C48E216419E}" refers to invalid object "C:\WINDOWS\System32\ActiveWizard.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{17DF8209-2EE7-4599-A8DD-CE5FE2D916C1}" refers to invalid object "C:\WINDOWS\System32\ActiveWizard.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1E6EC2EB-7B47-4842-9146-8047943C81EA}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{35465706-E211-11d3-8B87-C295F909460A}" refers to invalid object "C:\MAGIX\Media_Manager\WMServerReader.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3836A5BF-51B3-4B37-8E96-9D429C22183C}" refers to invalid object "C:\MAGIX\Media_Manager\CddbControl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{38D73E93-BBAB-435F-A03C-BDF5B0AA9FCD}" refers to invalid object "C:\DOKUME~1\hakim\Desktop\mp3SorT\AUDIOG~1.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3D8E41BF-E081-424F-B9CC-29B451026482}" refers to invalid object "C:\Programme\ICQLite\LiteUtil.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4D73287C-D63C-4EC4-966F-EA18D283A810}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{52B87208-9CCF-42C9-B88E-069281105805}" refers to invalid object "C:\PROGRA~1\TROJAN~1\Trshlex.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{56336BCA-3D8A-11d6-A00B-0050DA18DE71}" refers to invalid object "C:\DOKUME~1\hakim\LOKALE~1\Temp\InfoWindow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{59352D90-0181-4097-8706-7B637EC926E1}" refers to invalid object "C:\WINDOWS\System32\ActiveWizard.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5A5B6916-ED71-4531-8018-E792DD44156E}" refers to invalid object "C:\WINDOWS\dd.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5DD79FF6-958A-4811-8FE5-EAB0D79E2B14}" refers to invalid object "C:\Programme\ICQLite\LiteUtil.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5E7724B3-1349-4F2D-8946-092E3A28ABC9}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{795698C9-E328-4AB3-ACC6-F685635FBF9F}" refers to invalid object "C:\MAGIX\Media_Manager\Hhprend.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8605B833-4D98-4C3E-ACC6-1BAB3A39B135}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8722111A-DE20-48ac-832D-0CEDA23212AB}" refers to invalid object "C:\MAGIX\Media_Manager\CDDBUI.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{89DC529F-1424-4C93-A77B-9A2FFFF3A3FB}" refers to invalid object "C:\Programme\ICQLite\LiteUtil.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9609D7C1-6B10-4EF6-8CED-64E4056C1E5B}" refers to invalid object "C:\WINDOWS\System32\ActiveWizard.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A4178E50-A793-4B93-8616-1AAC87DF373B}" refers to invalid object "C:\MAGIX\Media_Manager\JWVidRend.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AA9B2BD7-B7AA-4d4a-AF5C-D7B2C8FB6582}" refers to invalid object "C:\MAGIX\Media_Manager\CDDBUI.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AB7AB3FF-EB55-4B40-AE1D-80ECEFA32E17}" refers to invalid object "C:\MAGIX\Media_Manager\CDDBUI.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AF105A16-E3F0-4215-AD2B-B6E78492E4E1}" refers to invalid object "C:\Programme\ICQLite\LiteUtil.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AF1A9404-6CA9-11D3-B053-00C04F4C0826}" refers to invalid object "C:\MAGIX\Media_Manager\CddbControl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0528CE4-F67E-11D2-8F8E-00C04F4C3B9F}" refers to invalid object "C:\MAGIX\Media_Manager\CddbControl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B144CB7C-13E7-4F05-BBCD-69B886C4F845}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B6F03B7A-AD39-4D1E-B150-91BE65DE100B}" refers to invalid object "C:\PROGRA~1\WinTV\hcwdlg.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C7A8D72B-1BBA-4BA2-B29B-B194AFD90861}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0}" refers to invalid object "C:\WINDOWS\System32\P2P Networking\MARSHAL2.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D03D101E-1FB9-4E6C-910D-96C2C9389B72}" refers to invalid object "C:\WINDOWS\System32\gsHotkey.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D3B1DE00-6B94-1069-8754-08002B2BD64F}" refers to invalid object "C:\WINDOWS\SYSTEM\disktool.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D5CAED65-E654-43CB-949C-C8F26837C34D}" refers to invalid object "C:\WINDOWS\System32\gsFolder.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D734EAE8-0810-4513-99B6-DDAC4BC30E29}" refers to invalid object "C:\MAGIX\Media_Manager\CddbControl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DFEF3E96-F1D4-47CE-A429-2CC8C10DFDB6}" refers to invalid object "C:\MAGIX\Media_Manager\CddbControl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E3EBE8FF-6E21-4D5E-BABE-A93D106FDFBF}" refers to invalid object "C:\WINDOWS\System32\ExpBar1.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EBAF4BF3-F7AA-4ADA-85B6-0313A273B4FF}" refers to invalid object "C:\WINDOWS\System32\gxCLI_Interface.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F4BAFF02-F907-11D2-8F8F-00C04F4C3B9F}" refers to invalid object "C:\MAGIX\Media_Manager\CddbControl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F6FD0A00-43F0-11D1-BE58-00A0C90A4335}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\40\bin\FP4AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F6FD0A01-43F0-11D1-BE58-00A0C90A4335}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\40\bin\FP4AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F6FD0A0E-43F0-11D1-BE58-00A0C90A4335}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\40\bin\FP4AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F6FD0A0F-43F0-11D1-BE58-00A0C90A4335}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\40\bin\FP4AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F6FD0A11-43F0-11D1-BE58-00A0C90A4335}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\40\bin\FP4AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F6FD0A13-43F0-11D1-BE58-00A0C90A4335}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\40\bin\FP4AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F808DF6F-6049-11D1-BA20-006097D2898E}" refers to invalid object ""C:\PROGRAMME\WINDOWS MEDIA PLAYER\LAPRXY.DLL"". Action Taken: No Action Taken.
Entry "HKCR\CDDBControl.DirectSoundGargleDMO" refers to invalid object "{CA223F33-4B22-4857-8339-6FF1C12FC06C}". Action Taken: No Action Taken.
Entry "HKCR\CSBB.CSBBCore" refers to invalid object "{00000000-0000-0000-0000-000000002230}". Action Taken: No Action Taken.
Entry "HKCR\CSBB.CSBBCore.1" refers to invalid object "{00000000-0000-0000-0000-000000002230}". Action Taken: No Action Taken.
Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\Overview.Document" refers to invalid object "{DA23B9C9-6893-11D0-8534-00C04FD7AD0C}". Action Taken: No Action Taken.
Entry "HKCR\WebP2PInstaller.Installer" refers to invalid object "{1D6711C8-7154-40BB-8380-3DEA45B69CBF}". Action Taken: No Action Taken.
Entry "HKCR\WebP2PInstaller.Installer.1" refers to invalid object "{1D6711C8-7154-40BB-8380-3DEA45B69CBF}". Action Taken: No Action Taken.
File C:\WINDOWS\System32\SWLAD2.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\System32\SWLAD1.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\System32\PopOops2.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\System32\PopOops.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\COMMAND\EBD\EBD.CAB tagged as not-a-virus:Tool.ZeroedAndDeleted.Restart. No Action Taken.
File C:\WINDOWS\SYSTEM32\SWLAD2.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM32\SWLAD1.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM32\PopOops2.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM32\PopOops.dll tagged as "not-a-virus:AdWare.VirtualBouncer.g". Action Taken: No Action Taken.
File C:\WINDOWS\browserxtras\pn\remove.exe infected by "Trojan-Downloader.Win32.Keenval.f" Virus! Action Taken: No Action Taken.
File C:\Programme\MyWay\myBar\1.bin\MY2NS.EXE tagged as "not-a-virus:AdWare.Toolbar.MyWay.b". Action Taken: No Action Taken.
File C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL tagged as "not-a-virus:AdWare.ToolBar.MyWay.m". Action Taken: No Action Taken.
File C:\Programme\CSBB\CSBB.DLL tagged as "not-a-virus:AdWare.ClearSearch.p". Action Taken: No Action Taken.
File C:\Programme\CSBB\FNuninstaller.EXE tagged as "not-a-virus:AdWare.ClearSearch.o". Action Taken: No Action Taken.
File C:\Programme\CSBB\csAOLldr.exe tagged as "not-a-virus:AdWare.ClearSearch.j". Action Taken: No Action Taken.
File C:\Programme\AVPersonal\INFECTED\winagent.VIR infected by "Backdoor.Win32.Webdor.p" Virus! Action Taken: No Action Taken.

Rene-gad 30.05.2005 11:06
@miranda74
Zitat:
seit gut 2 Wochen läuft mein Rechner nicht mehr sauber!
Wer kann mir genau sagen woran es liegen könnte??
Die Ursache deines Problems liegt hier:
Zitat:
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Service Pack 2 fehlt.

Das Problem selbst heißt:
Zitat:
File C:\WINDOWS\System32\lbxt.exe infected by "Backdoor.Win32.Agent.ec" Virus! Action Taken: No Action Taken.
Du musst deinen PC nach Anleitung (Link in meiner Signatur) punktgenau neu aufsetzen.
Eine andere Möglichkeit bei einem Backdoor gibt es leider nicht.


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:09 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131