Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Hilfe bei Auswertung (https://www.trojaner-board.de/18859-hilfe-auswertung.html)

BrassMan 11.06.2005 23:26
Hilfe bei Auswertung
 
Ich habe mir mittlerweile mit Sicherheit verdammt viele Viren und Würmer eingefangen, die ich nicht wegbekomme. Nun habe ich von HiJackThis gehört und wollte das mal testen. Zum Beispiel hab ich jetzt den Grund für meinen nicht angezeigten Desktophintergrund gefunden (Hicjacker)

Ich wäre also sehr froh, wenn mir jemand bei der Auswertung von folgendem logfile helfen kann. thx schonmal im vorraus ;)

Zitat:
Logfile of HijackThis v1.99.1
Scan saved at 00:09:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe -----> kein virus
C:\WINDOWS\system32\winlogon.exe -----> kein virus
C:\WINDOWS\system32\services.exe -----> kein virus
C:\WINDOWS\system32\lsass.exe -----> kein virus
C:\WINDOWS\system32\svchost.exe -----> kein virus
C:\WINDOWS\System32\svchost.exe -----> kein virus
C:\WINDOWS\system32\spoolsv.exe -----> kein virus
C:\WINDOWS\Explorer.exe -----> kein virus
C:\Programme\DriveCrypt\DcrServ.exe -----> kein virus
C:\Programme\toptoolz\Opera7\opera.exe -----> kein virus
C:\WINDOWS\System32\svchost.exe -----> kein virus
C:\Programme\Internet Explorer\iexplore.exe -----> kein virus
c:\windows\system32\pmbvtih.exe -----> Trojan.Win32.Agent.ay
c:\progra~1\intern~1\iexplore.exe -----> kein virus
C:\Dokumente und Einstellungen\BrassMan\Desktop\HijackThis.exe -----> kein virus

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://82.179.166.192/search.php?v=6&aff=617907
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://82.179.166.192/index.php?v=6&aff=617907
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: IncrediFindBHO Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll
O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000001} - (no file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem301.dll
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\System32\bridge.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programme\SideFind\sfbho13.dll
O2 - BHO: CHungryBHO Object - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\neti.dll
O2 - BHO: (no name) - {BDE23876-7113-3334-6C3A-E2071F9577A2} - C:\DOKUME~1\BrassMan\ANWEND~1\AXISTO~1\knob fast.exe
O2 - BHO: (no name) - {C5941EE5-6DFA-11D8-86B0-0002441A9695} - C:\WINDOWS\3_0_1browserhelper3.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\PROGRA~1\BARGAI~1\bin\apuc.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Search Bar - {0A8CE102-FA03-4612-9BEE-7FE5452F4CB1} - C:\WINDOWS\system32\srchbar.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ubcotng] c:\windows\system32\pmbvtih.exe r
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKLM\..\RunOnce: [VcCleanUp.exe] C:\DOKUME~1\BrassMan\LOKALE~1\Temp\VcCleanUp.exe /F C:\PROGRA~1\GEMEIN~1\SYMANT~1\LiveReg\ /RemoveAll
O4 - HKLM\..\RunOnce: [WUpdate] C:\WINDOWS\System32\supd250305.exe
O4 - HKCU\..\Run: [DriveCrypt Startup] C:\Programme\DriveCrypt\DriveCrypt.exe /WS
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programme\SideFind\sidefind13.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O12 - Plugin for .exe: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .rar: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .tgz: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .zip: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DBBD066-2534-45E9-A180-BB2C745970CD}: NameServer = 62.27.27.62 195.247.247.195
O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\System32\xplugin.dll
O23 - Service: AVK Service (AVKService) - Unknown owner - H:\Antivirus-Profi-Paket\AVKService.exe (file missing)
O23 - Service: Antivirus Wächter (AVKWCtl) - Unknown owner - H:\Antivirus-Profi-Paket\AVKWCtl.exe (file missing)
O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Programme\DriveCrypt\DcrServ.exe
O23 - Service: GBPoll - Unknown owner - C:\Programme\Roxio\GoBack\GBPoll.exe (file missing)
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Programme\MySQL\MySQL.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RVS CAPI (RVS_CE) - RVS Datentechnik GmbH, München - C:\WINDOWS\system32\rvs_cent.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
_____________
Anm.
Aktive Links editiert!
Beachte zukünftig die Hinweise dieser Anleitung: HiJackThis.


LG Cidre
S-Mod TB

edit: Ich habe jetzt mal für die Prozesse bei http://virusscan.jotti.org/de/ vorbeigeschaut und habe einen virus rausgefunden.

BrassMan 11.06.2005 23:51
Ich habe mir das schon durchgelesen, nur hab ich das mit dem HTML-Code vergessen, sorry.

BrassMan 12.06.2005 00:56
Kann man die infizierten Dateien nun einfach löschen?
Also ich meine jetzt die pmbvtih.exe.

edit: Ich habe jetzt mal im abgesicherten Modus ein paar Einträge gefixed. So sieht die Log nun aus:

Logfile of HijackThis v1.99.1
Scan saved at 11:07:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Programme\DriveCrypt\DcrServ.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\rvs_cent.exe
C:\WINDOWS\System32\tcpsvcs.exe
c:\windows\system32\erackg.exe
C:\Dokumente und Einstellungen\BrassMan\Desktop\HijackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll
O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000001} - (no file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem301.dll
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\System32\bridge.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programme\SideFind\sfbho13.dll
O2 - BHO: CHungryBHO Object - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\neti.dll
O2 - BHO: (no name) - {BDE23876-7113-3334-6C3A-E2071F9577A2} - C:\DOKUME~1\BrassMan\ANWEND~1\AXISTO~1\knob fast.exe
O2 - BHO: (no name) - {C5941EE5-6DFA-11D8-86B0-0002441A9695} - C:\WINDOWS\3_0_1browserhelper3.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\PROGRA~1\BARGAI~1\bin\apuc.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ffizhqj] c:\windows\system32\erackg.exe r
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKLM\..\RunOnce: [VcCleanUp.exe] C:\DOKUME~1\BrassMan\LOKALE~1\Temp\VcCleanUp.exe /F C:\PROGRA~1\GEMEIN~1\SYMANT~1\LiveReg\ /RemoveAll
O4 - HKLM\..\RunOnce: [WUpdate] C:\WINDOWS\System32\supd250305.exe
O4 - HKCU\..\Run: [DriveCrypt Startup] C:\Programme\DriveCrypt\DriveCrypt.exe /WS
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programme\SideFind\sidefind13.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O12 - Plugin for .exe: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .rar: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .tgz: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .zip: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\System32\xplugin.dll
O23 - Service: AVK Service (AVKService) - Unknown owner - H:\Antivirus-Profi-Paket\AVKService.exe (file missing)
O23 - Service: Antivirus Wächter (AVKWCtl) - Unknown owner - H:\Antivirus-Profi-Paket\AVKWCtl.exe (file missing)
O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Programme\DriveCrypt\DcrServ.exe
O23 - Service: GBPoll - Unknown owner - C:\Programme\Roxio\GoBack\GBPoll.exe (file missing)
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Programme\MySQL\MySQL.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RVS CAPI (RVS_CE) - RVS Datentechnik GmbH, München - C:\WINDOWS\system32\rvs_cent.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

BrassMan 12.06.2005 11:33
kann mir denn wirklich niemand helfen?

BrassMan 12.06.2005 16:50
Zitat:
Zitat von BrassMan
kann mir denn wirklich niemand helfen?
86hits und keine antwort ^^

felix1 12.06.2005 17:16
Dein Problem liegt schon daran:
Logfile of HijackThis v1.99.1
Scan saved at 11:07:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Wo sind SP2 und die notwendigen Patches für XP und IE

Du solltest sofort SP2 installieren.

Dein nächstes Problem:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
Deshalb mache genau nach Anleitung:

http://www.trojaner-board.de/showthread.php?t=17492

BrassMan 12.06.2005 18:20
Zitat:
Zitat von felix1
Dein Problem liegt schon daran:
Logfile of HijackThis v1.99.1
Scan saved at 11:07:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Wo sind SP2 und die notwendigen Patches für XP und IE

Du solltest sofort SP2 installieren.

Dein nächstes Problem:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
Deshalb mache genau nach Anleitung:

http://www.trojaner-board.de/showthread.php?t=17492
Danke, hab jetzt mal eScan durchgeführt. Erst waren's 90 Viren, bei eScanCheck dann knapp 20. Nachdem die gelöscht waren, ist nur noch einer übriggeblieben. Nämlich der hier: c:\windows\system32\kgpfips.exe, das ist der Trojan.W32.Agent.ay und den bekomme ich nicht weg. Das Problem ist, ich kann immer noch keine Wallpaper festlegen. Ich bekomme immer noch einen weißen Hintergrund.
Zu dem Service Pack 2: Ich werde mir das mal zulegen, habe mich vorher immer dagegen gewehrt, weil ich dachte, dass es das System eher kaputt macht, als das Gegenteil.
Zu IE-Patches: Ich öffne den Internet Explorer so gut wie nie, deshalb brauche ich nicht unbedingt die patches. Ich benutze lieber Opera.

Haui45 12.06.2005 18:46
Wenn du Hilfe willst, solltest du uns die Virus-Log-Information von eScan zur Verfügung stellen.

Auch wenn du den IE nicht benutzt, sollte er aktualisiert werden!

BrassMan 12.06.2005 19:13
Zitat:
Zitat von Haui45
Wenn du Hilfe willst, solltest du uns die Virus-Log-Information von eScan zur Verfügung stellen.

Auch wenn du den IE nicht benutzt, sollte er aktualisiert werden!
Alles klar, werde ich auch einfach mal machen.
Hier der die Virus-Log-Information von eScan:
File C:\WINDOWS\system32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File c:\windows\system32\saie.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
File c:\windows\xcjsx.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\System32\spoolsrv32.exe tagged as "not-a-virus:AdWare.FindSpy.b". Action Taken: No Action Taken.
File C:\WINDOWS\svcproc.exe infected by "Trojan.Win32.Stervis.c" Virus! Action Taken: No Action Taken.
Object "BearShare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BearShare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BearShare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "VX2 Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "VX2 Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BetterInternet Adware" found in File System! Action Taken: No Action Taken.
Object "BetterInternet Adware" found in File System! Action Taken: No Action Taken.
Object "WhenU Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "sidefind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BetterInternet Adware" found in File System! Action Taken: No Action Taken.
Object "BTGrab Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "180Solutions Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Search Bar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "WebSiteViewer Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "updater Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "WhenU Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CWS.xplugin Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BTGrab Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "farmmext Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "farmmext Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\HDPlugin1019.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Symantec\SYMEVNT.386". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Symantec\S32EVNT1.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Symantec\SYMEVENT.SYS". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\VOB\ASAPI Update\IWuninstall.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Vicky\Eigene Dateien\Programm\Programm\vcljpg50.bpl". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Vicky\Eigene Dateien\Programm\Programm\VCLJPG50.DE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Vicky\Eigene Dateien\Programm\Programm\vclx50.bpl". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\xing shared\mpeg encode\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\HDPlugin1019.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\UltraEdit\Uninstall.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\AMR WinControl Demo\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\IEditP5.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\Info5.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\mpeg2dec.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\Player13.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\SCANOST.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\SCANPST.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\MSPST32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\MSMAPI32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\EMSUI32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\MLCFG32.CPL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\CONTAB32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\ML3XEC16.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\CNFNOT32.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00000010-6F7D-442C-93E3-4A4827C2E4C8}" refers to invalid object "C:\WINDOWS\nem219.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0199DF25-9820-4bd5-9FEE-5A765AB4371E}" refers to invalid object "C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}" refers to invalid object "C:\Programme\QuickTime\QTPlugin.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{03A17019-E155-41F0-A864-F9A2569EF35C}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0896FB83-B445-11D0-A44B-444553540000}" refers to invalid object "C:\PROGRA~1\CINEPL~1\mpeg2dec.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0896FB84-B445-11D0-A44B-444553540000}" refers to invalid object "C:\PROGRA~1\CINEPL~1\mpeg2dec.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0C5D39B0-460B-11D4-ADE1-0050DACD3DB9}" refers to invalid object "C:\Programme\Musicmatch\Musicmatch Jukebox\MMRadioEngine.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0F9561D0-03B2-44a3-89A6-E95E417CBA25}" refers to invalid object "C:\WINDOWS\cerbmod.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{112A1DCD-D67F-41A6-BCCE-A365D7041F63}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{12EA75C7-181F-45EB-8E8C-CD1D56FDD379}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{15A4B485-C261-45C2-AE3C-F6EA36467360}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1D1E7439-3992-40BE-B196-4EDAF80C3953}" refers to invalid object "H:\Antivirus-Profi-Paket\gdata.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1D8F02C8-4D92-4B65-8DE8-877FF4EBFA14}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1EF2E5CB-646F-4F85-A355-8E328652CA60}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1EFD6A40-3999-11CF-9150-00AA0059F70D}" refers to invalid object "G:\Mashed\Mashed_MYTH\MCI32.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2294C466-0D91-4689-9762-C1E92CF079BB}" refers to invalid object "C:\Programme\Musicmatch\Musicmatch Jukebox\SkinMgr.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{22C47B61-CF66-43E0-8A83-E0A0422680C4}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{23AA6EBC-86AA-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{23AA6EBD-86AA-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{27855D52-0913-4F88-A8CC-343D374E7CC9}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2B716F74-B667-40E1-A09C-5A6ED67F6D4E}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2D81AE3B-A0ED-4E3B-B88F-D8D208E4D130}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2F199503-36AB-494B-B441-57CCE370D706}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2F42C693-C6A4-11D0-93E9-00AA0064D470}" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\ESCONF.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{307A779A-E642-4E78-953E-249129751D78}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3775D2E0-7C5D-11CF-899E-00AA00688B10}" refers to invalid object "G:\Mashed\Mashed_MYTH\MCI32.OCX". Action Taken: No Action Taken.

BrassMan 12.06.2005 19:17
Entry "HKCR\CLSID\{399CB6C4-7312-11D2-B4D9-00105A0422DF}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\HHACTI~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3B974B6B-26DA-424D-973A-A97D60C1C017}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3FA7DEB3-6438-101B-ACC1-00AA00423326}" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\CDO.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{409CB1EB-4444-4951-BCB9-A21591B34F45}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{431468DB-675D-489A-BFCE-69922E9D3607}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3783-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3785-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3787-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3789-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4880A300-C5B7-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\PAINT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4A10F2F9-9825-48C1-A7FF-D34A450B8AFC}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4EC5E243-09BC-407F-8C8C-F47AD2D76758}" refers to invalid object "H:\Antivirus-Profi-Paket\ScanObjectBrowser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB}" refers to invalid object "C:\WINDOWS\System32\xplugin.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4F94DD5B-006A-4AB7-9C93-1C124D192561}" refers to invalid object "H:\Antivirus-Profi-Paket\LogShow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4FBDE340-0972-11CF-B1DD-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\GIZMO.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4FBDE344-0972-11CF-B1DD-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\GIZMO.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{50398872-22FB-4A64-A9C4-0E9FC36311D4}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{53DA056A-69FF-43EB-BD82-9016FE97893B}" refers to invalid object "H:\Antivirus-Profi-Paket\LogShow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E}" refers to invalid object "C:\Programme\QuickTime\QTPlugin.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F00447B-8A10-46AE-BDA3-F95EE73769B8}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6458B171-6312-4584-8B1E-B1CAA7A60DFD}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{67C6D7A1-2BD5-11D4-9F43-005004450C82}" refers to invalid object "H:\Antivirus-Profi-Paket\AVKOff.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{68960C20-6605-4126-9D2A-81A8501A4023}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5DC-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5DD-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E0-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E1-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E4-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E5-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6EECCB0A-4BD1-421A-B72A-08C21DD6D9D0}" refers to invalid object "H:\Antivirus-Profi-Paket\ScanObjectBrowser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{735A1BE3-AA82-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPROOM.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{735A1BE4-AA82-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPROOM.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{80BB7465-A638-43B5-9827-8E8FE38DFCC1}" refers to invalid object "C:\WINDOWS\System32\jao.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{83DE62E0-5805-11D8-9B25-00E04C60FAF2}" refers to invalid object "C:\WINDOWS\2_0_1browserhelper2.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{84268CDA-5AE9-409C-94E9-B6FEB4B5A123}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{860B20E7-4EDA-11D4-A27F-00400516E636}" refers to invalid object "C:\Programme\Ping\grimping.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8656F959-2A54-4ADF-8849-F5BAF1EE4922}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}" refers to invalid object "C:\WINDOWS\wsem301.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{93FD3565-F27A-11CE-AD6D-0020AFEB8AB5}" refers to invalid object "C:\PROGRA~1\Mplayer\system\CHAT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{93FD3569-F27A-11CE-AD6D-0020AFEB8AB5}" refers to invalid object "C:\PROGRA~1\Mplayer\system\CHAT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{959F94FD-DD1E-11D2-B559-00105A0422DF}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\HHACTI~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{95B35A0B-F6E6-4705-A938-321E7DE86472}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9887C25D-CA98-4195-908E-60B8F868D32A}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9896231A-C487-43A5-8369-6EC9B0A96CC0}" refers to invalid object "C:\WINDOWS\System32\WStart.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}" refers to invalid object "C:\WINDOWS\System32\bridge.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07}" refers to invalid object "C:\Programme\BearShare\RunMSC.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A5C36458-E11B-435D-8B0E-6C1FA215244E}" refers to invalid object "H:\Antivirus-Profi-Paket\GDIUpdt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A97BBEB0-2D4C-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AAD57194-94F6-49CB-B6BE-1BFFF9BB797B}" refers to invalid object "H:\Antivirus-Profi-Paket\AVKPOPc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{ADC4FE5F-9ACA-4551-8AD1-7B1DEF9D6BE8}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{ADEABA31-BFEA-4E42-BAA7-1A092F646A3D}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AF000B40-4D4A-11D2-B504-0080ADB6438D}" refers to invalid object "C:\Programme\CinePlayer Editor\Player13.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AF833A9E-9CCF-4338-09A1-0D88E07ADEE7}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B379E453-4EA4-11D4-88D8-B63E205F9173}" refers to invalid object "C:\WINDOWS\System32\NCTAudioEditor.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B5ECE440-79DA-44E4-BD29-59328122E649}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B617F87F-1856-43BC-ADEB-C43922F7A575}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B8323370-FF27-11D2-97B6-204C4F4F5020}" refers to invalid object "C:\Programme\SmartFTP\smarthook.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261A-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261B-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261C-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261D-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261E-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261F-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A0-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A1-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A2-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A3-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BB6BE882-C5CA-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\PAINT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BBA00AB7-8434-49FA-8FDE-23A7B882CAA8}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BCF96FB4-5F1B-497B-AECC-910304A55011}" refers to invalid object "C:\WINDOWS\neti.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BD8A0455-29BA-43D8-A195-1D0AC9A6EAEC}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C0BAFD83-B1C8-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPPAGER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C0BAFD84-B1C8-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPPAGER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}" refers to invalid object "G:\Mashed\Mashed_MYTH\MCI32.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C3DB19A6-D5A2-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C5941EE5-6DFA-11D8-86B0-0002441A9695}" refers to invalid object "C:\WINDOWS\3_0_1browserhelper3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CAF4C320-32F5-11D3-A222-004095200FF2}" refers to invalid object "H:\Antivirus-Profi-Paket\ShellExt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF494-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\IEditP5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF495-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\IEditP5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF4AE-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\Info5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF4AF-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\Info5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CE0E7204-D82C-4273-8A70-919963F4CFE0}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1}" refers to invalid object "C:\PROGRA~1\BARGAI~1\bin\apuc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CEA206E8-8057-4A04-ACE9-FF0D69A92297}" refers to invalid object "C:\WINDOWS\wsem301.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D052A011-00FC-4854-8D5A-81B36A06D435}" refers to invalid object "C:\Programme\Ping\grimftp.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D326DC3B-8ADF-456A-B1B7-8A9E37704C60}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D98CDB6F-6A57-4C74-88A4-348AB530D862}" refers to invalid object "H:\Antivirus-Profi-Paket\AskUser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DAE27546-4F73-41AE-A802-F5C4D7CD57BA}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DC06BAF1-D92A-45D0-B82B-9C7596B07E1A}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DEFADBC3-AF49-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPMEMBER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DEFADBC4-AF49-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPMEMBER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DFBFC960-D71B-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\SOUND.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DFBFC964-D71B-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\SOUND.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E1B8D8A1-8F84-413F-BCAB-C0EC18CCEF69}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E2155772-45C4-44D1-9144-40A075908FFD}" refers to invalid object "H:\Antivirus-Profi-Paket\ScanObjectBrowser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EFAC012B-2A65-4D0B-9237-ADBADD94DFE9}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EFC25C6F-1A04-43FD-AB25-0F3ED89E050A}" refers to invalid object "C:\WINDOWS\System32\NCTAudioInformation.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F0FDBF9F-63BF-4BFB-A3DB-E7B7FCF3F7DE}" refers to invalid object "C:\Programme\Musicmatch\Musicmatch Jukebox\directorps.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F18175B4-A156-45D5-912E-0C1E4E82FAD5}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F1DD8F2C-1A49-40F0-9649-ACB3AB7AF86A}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F50B3F14-19C4-11CF-AA9A-02608C9BABA2}" refers to invalid object "C:\WINDOWS\System32\mpgdec.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F50B3F15-19C4-11CF-AA9A-02608C9BABA2}" refers to invalid object "C:\WINDOWS\System32\mpgdec.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F7B73562-60B6-4DEE-92B4-384F98A302FB}" refers to invalid object "C:\WINDOWS\System32\NCTAudioTransform.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FB215E25-F536-4B36-8262-ECF59601FAC1}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FC05EDBA-80CC-4CFC-87C7-0E15010F835A}" refers to invalid object "C:\WINDOWS\System32\NCTAudioTransform.dll". Action Taken: No Action Taken.
File C:\WINDOWS\itybcim.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
File C:\WINDOWS\qbqjyfpculi.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File C:\WINDOWS\switpa.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\AcsProxy.dll tagged as "not-a-virus:AdWare.ToolBar.FWN.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\System32\saiehook.dll tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
File C:\WINDOWS\System32\srchbar.dll tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
File C:\WINDOWS\System32\srpcsrv32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\Switp_bund_ar10.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\txfdb32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\unregister.exe tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.

PS: Ich musste 2 Seiten benutzen, da der Log zu lang war

felix1 12.06.2005 19:22
Nutze bitte die in der Anleitung beschriebene Anwendung der Datei Find.bat.

BrassMan 12.06.2005 19:50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Jun 12 18:59:29 2005 => File c:\windows\system32\kgpfips.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 18:59:36 2005 => File c:\windows\system32\kgpfips.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with BearShare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with BearShare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with BearShare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({40b1d454-9ca4-43cc-86aa-cb175eac52fb})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({1c01d150-91a4-4de0-9bf8-a35d1bdf1001})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({8f4e5661-f99e-4b3e-8d85-0ea71c0748e4})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({cea206e8-8057-4a04-ace9-ff0d69a92297})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({0be10b0d-b4db-4693-9b1f-9aead54d17dc})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({AA4939C3-DECA-4A48-A454-97CD587C0EF5})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({EEE4A2E5-9F56-432F-A6ED-F6F625B551E0})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({8cba1b49-8144-4721-a7b1-64c578c9eed7})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({58634367-d62b-4c2c-86be-5aac45cdb671})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({d0288a41-9855-4a9b-8316-babe243648da})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({339d8aff-0b42-4260-ad82-78ce605a9543})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({a36a5936-cfd9-4b41-86bd-319a1931887f})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({10e42047-deb9-4535-a118-b3f6ec39b807})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Bargain Buddy Spyware/Adware ({CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Bargain Buddy Spyware/Adware ({C6906A23-4717-4E1F-B6FD-F06EBED14177})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Bargain Buddy Spyware/Adware ({4EB7BBE8-2E15-424B-9DDB-2CDB9516A2A3})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with CoolWebSearch Spyware/Adware ({4f7681e5-6caf-478d-9cb8-4ca593bee7fb})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with CoolWebSearch Spyware/Adware ({ee79d398-aaaf-47b1-8c9e-11f7d4c9111b})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with CoolWebSearch Spyware/Adware ({ac3f36d4-f905-4fe9-a926-eb937e66f591})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with VX2 Spyware/Adware ({92daf5c1-2135-4e0c-b7a0-259abfcd3904})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with VX2 Spyware/Adware ({bb0d5adc-028d-4185-9288-722ddce2c757})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with BetterInternet Adware ({59EBB576-CEB0-42FA-9917-DA6254A275AD})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with BetterInternet Adware ({8E0D8965-B97B-468D-8306-A05929E439C1})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with WhenU Spyware/Adware (WUSE)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with CWS.xplugin Spyware/Adware (xplugin.dll)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with BTGrab Spyware/Adware (btgrab.inf)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with farmmext Spyware/Adware (farmmext.ini)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with farmmext Spyware/Adware (farmmext.inf)! Action taken: No Action Taken.
Sun Jun 12 19:05:23 2005 => Total Disinfected Files: 0
Sun Jun 12 19:57:10 2005 => File C:\WINDOWS\system32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:57:17 2005 => File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:57:32 2005 => File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:58:59 2005 => File C:\WINDOWS\svcproc.exe infected by "Trojan.Win32.Stervis.c" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with BearShare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with BearShare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with BearShare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({40b1d454-9ca4-43cc-86aa-cb175eac52fb})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({1c01d150-91a4-4de0-9bf8-a35d1bdf1001})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({8f4e5661-f99e-4b3e-8d85-0ea71c0748e4})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({cea206e8-8057-4a04-ace9-ff0d69a92297})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({0be10b0d-b4db-4693-9b1f-9aead54d17dc})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({AA4939C3-DECA-4A48-A454-97CD587C0EF5})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({EEE4A2E5-9F56-432F-A6ED-F6F625B551E0})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({8cba1b49-8144-4721-a7b1-64c578c9eed7})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({58634367-d62b-4c2c-86be-5aac45cdb671})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({d0288a41-9855-4a9b-8316-babe243648da})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({339d8aff-0b42-4260-ad82-78ce605a9543})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({a36a5936-cfd9-4b41-86bd-319a1931887f})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({10e42047-deb9-4535-a118-b3f6ec39b807})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with Bargain Buddy Spyware/Adware ({CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with Bargain Buddy Spyware/Adware ({C6906A23-4717-4E1F-B6FD-F06EBED14177})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with Bargain Buddy Spyware/Adware ({4EB7BBE8-2E15-424B-9DDB-2CDB9516A2A3})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with CoolWebSearch Spyware/Adware ({4f7681e5-6caf-478d-9cb8-4ca593bee7fb})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with CoolWebSearch Spyware/Adware ({ee79d398-aaaf-47b1-8c9e-11f7d4c9111b})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with CoolWebSearch Spyware/Adware ({ac3f36d4-f905-4fe9-a926-eb937e66f591})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with VX2 Spyware/Adware ({92daf5c1-2135-4e0c-b7a0-259abfcd3904})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with VX2 Spyware/Adware ({bb0d5adc-028d-4185-9288-722ddce2c757})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with BetterInternet Adware ({59EBB576-CEB0-42FA-9917-DA6254A275AD})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with BetterInternet Adware ({8E0D8965-B97B-468D-8306-A05929E439C1})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with WhenU Spyware/Adware (WUSE)! Action taken: No Action Taken.
Sun Jun 12 19:59:21 2005 => System found infected with CWS.xplugin Spyware/Adware (xplugin.dll)! Action taken: No Action Taken.
Sun Jun 12 19:59:22 2005 => System found infected with BTGrab Spyware/Adware (btgrab.inf)! Action taken: No Action Taken.
Sun Jun 12 19:59:22 2005 => System found infected with farmmext Spyware/Adware (farmmext.ini)! Action taken: No Action Taken.
Sun Jun 12 19:59:22 2005 => System found infected with farmmext Spyware/Adware (farmmext.inf)! Action taken: No Action Taken.
Sun Jun 12 20:01:05 2005 => File C:\WINDOWS\System32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
Sun Jun 12 20:03:41 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Jun 12 18:59:32 2005 => File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 18:59:35 2005 => File c:\windows\system32\saie.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 18:59:35 2005 => File c:\windows\xcjsx.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 18:59:36 2005 => File C:\WINDOWS\System32\spoolsrv32.exe tagged as "not-a-virus:AdWare.FindSpy.b". Action Taken: No Action Taken.
Sun Jun 12 18:59:51 2005 => Scanning File C:\Dokumente und Einstellungen\BrassMan\Desktop\new tracks\MP 3\Death Row Unreleased & Rare Stuff\player\2Pac - Pac's Life (CDQ Untagged).mp3 [**]
Sun Jun 12 19:01:57 2005 => File C:\WINDOWS\itybcim.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
Sun Jun 12 19:02:00 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
Sun Jun 12 19:02:01 2005 => File C:\WINDOWS\qbqjyfpculi.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 19:02:03 2005 => File C:\WINDOWS\switpa.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 19:02:06 2005 => File C:\WINDOWS\System32\AcsProxy.dll tagged as "not-a-virus:AdWare.ToolBar.FWN.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:21 2005 => File C:\WINDOWS\System32\saiehook.dll tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 19:04:31 2005 => File C:\WINDOWS\System32\srchbar.dll tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
Sun Jun 12 19:04:31 2005 => File C:\WINDOWS\System32\srpcsrv32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:34 2005 => File C:\WINDOWS\System32\Switp_bund_ar10.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:40 2005 => File C:\WINDOWS\System32\txfdb32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:42 2005 => File C:\WINDOWS\System32\unregister.exe tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
Sun Jun 12 19:57:15 2005 => File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 19:57:27 2005 => File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 19:57:31 2005 => File c:\windows\system32\saie.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 19:57:31 2005 => File c:\windows\xcjsx.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 19:57:32 2005 => File C:\WINDOWS\System32\spoolsrv32.exe tagged as "not-a-virus:AdWare.FindSpy.b". Action Taken: No Action Taken.
Sun Jun 12 19:57:49 2005 => Scanning File C:\Dokumente und Einstellungen\BrassMan\Desktop\new tracks\MP 3\Death Row Unreleased & Rare Stuff\player\2Pac - Pac's Life (CDQ Untagged).mp3 [**]
Sun Jun 12 20:00:26 2005 => File C:\WINDOWS\itybcim.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
Sun Jun 12 20:00:28 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
Sun Jun 12 20:00:29 2005 => File C:\WINDOWS\qbqjyfpculi.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 20:00:31 2005 => File C:\WINDOWS\switpa.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 20:00:33 2005 => File C:\WINDOWS\System32\AcsProxy.dll tagged as "not-a-virus:AdWare.ToolBar.FWN.a". Action Taken: No Action Taken.
Sun Jun 12 20:02:36 2005 => File C:\WINDOWS\System32\saiehook.dll tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 20:02:50 2005 => File C:\WINDOWS\System32\srchbar.dll tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
Sun Jun 12 20:02:50 2005 => File C:\WINDOWS\System32\srpcsrv32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 20:02:53 2005 => File C:\WINDOWS\System32\Switp_bund_ar10.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 20:03:00 2005 => File C:\WINDOWS\System32\txfdb32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 20:03:02 2005 => File C:\WINDOWS\System32\unregister.exe tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Jun 12 19:05:23 2005 => Total Virus(es) Found: 69
Sun Jun 12 20:03:41 2005 => Total Virus(es) Found: 73
Sun Jun 12 19:05:23 2005 => Total Errors: 181
Sun Jun 12 20:03:41 2005 => Total Errors: 180
Sun Jun 12 19:05:23 2005 => Time Elapsed: 00:07:39
Sun Jun 12 20:03:41 2005 => Time Elapsed: 00:06:46
Sun Jun 12 19:05:23 2005 => Total Objects Scanned: 14586
Sun Jun 12 20:03:41 2005 => Total Objects Scanned: 14714
Sun Jun 12 18:57:40 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 19:05:23 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 19:05:30 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 19:56:51 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 20:03:41 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 20:18:02 2005 => Virus Database Date: 2005/06/09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

Cidre 12.06.2005 21:33
Hallo,

du hast eScan nicht gemäss der Anleitung ausgeführt. Scanne deshalb erneut dein System, aber lösche zuvor die mwav.log und stelle uns die Virus Log Information zur Verfügung.


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:42 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131