|
brauche bitte Hilfe nach eScan Hallo, eScan hat heute folgendes gefunden: (habe Win XP) Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ImageUploader_3.ocx". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\ZActiveX.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\System32\iuctl.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\YooApplications\Sweepi\Data\URLHIST.tlb". Action Taken: No Action Taken. Entry "HKCR\CLSID\{29FF67FF-8050-480f-9F30-CC41635F2F9D}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{70B51430-B6CA-11D0-B9B9-00A0C922E750}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8298d101-f992-43b7-8eca-5052d885b995}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{86FC1FD1-BCF3-11D1-B76F-58BB04C10000}" refers to invalid object "D:\RUNTIME\mDxEmul.mom". Action Taken: No Action Taken. Entry "HKCR\CLSID\{86FC1FD3-BCF3-11D1-B76F-58BB04C10000}" refers to invalid object "D:\RUNTIME\mDxEmul.mom". Action Taken: No Action Taken. Entry "HKCR\CLSID\{9EFBF860-5685-11D3-AA3D-00C04F4C5275}" refers to invalid object "cdooff.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A9E69612-B80D-11D0-B9B9-00A0C922E750}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{f612954d-3b0b-4c56-9563-227b7be624b4}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{FACF11A2-5095-11D3-A9DE-00C0268E5C48}" refers to invalid object "D:\RUNTIME\mDxEmul.mom". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\FirmConvShellExt.FirmConv" refers to invalid object "{70F51CDA-99D4-4e65-8743-85AEBE9F8263}". Action Taken: No Action Taken. Entry "HKCR\FirmConvShellExt.FirmConv.1" refers to invalid object "{70F51CDA-99D4-4e65-8743-85AEBE9F8263}". Action Taken: No Action Taken. Entry "HKCR\ImgX6.ImgX" refers to invalid object "{76F61208-6A7F-402E-BAE5-40C9562AA893}". Action Taken: No Action Taken. Entry "HKCR\ImgX6.ImgX_Color" refers to invalid object "{E4EFC9C6-4DF7-4F1D-BE79-42FDC36731FE}". Action Taken: No Action Taken. Entry "HKCR\ImgX6.ImgX_Font" refers to invalid object "{23741BEB-6EB2-4634-AE5C-CA52FABBDE82}". Action Taken: No Action Taken. Entry "HKCR\ImgX6.ImgX_GradientColors" refers to invalid object "{C0DDC4D7-5D52-471D-8CFF-A2349A8DF614}". Action Taken: No Action Taken. Entry "HKCR\ImgX6.ImgX_Palette" refers to invalid object "{E0540341-C35C-49FB-9832-F09D4C9D87C1}". Action Taken: No Action Taken. Entry "HKCR\ImgXCtrl6.ImgXCtrl" refers to invalid object "{111A5E7A-EAAC-433A-B56B-0AF470BE6306}". Action Taken: No Action Taken. Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\Messenger.MessengerApp" refers to invalid object "{FB7199AB-79BF-11d2-8D94-0000F875C541}". Action Taken: No Action Taken. Entry "HKCR\Messenger.MessengerApp.1" refers to invalid object "{FB7199AB-79BF-11d2-8D94-0000F875C541}". Action Taken: No Action Taken. Entry "HKCR\Messenger.UIAutomation" refers to invalid object "{B69003B3-C55E-4b48-836C-BC5946FC3B28}". Action Taken: No Action Taken. Entry "HKCR\Messenger.UIAutomation.1" refers to invalid object "{B69003B3-C55E-4b48-836C-BC5946FC3B28}". Action Taken: No Action Taken. Entry "HKCR\MessengerNative.UIAutomation" refers to invalid object "{DF66AFC9-C61D-404a-B535-64FBF91D420F}". Action Taken: No Action Taken. Entry "HKCR\MessengerNative.UIAutomation.1" refers to invalid object "{DF66AFC9-C61D-404a-B535-64FBF91D420F}". Action Taken: No Action Taken. Entry "HKCR\MessengerPrivate.MessengerPriv" refers to invalid object "{AB1D8565-40E9-4616-984D-98465687E82C}". Action Taken: No Action Taken. Entry "HKCR\MessengerPrivate.MessengerPriv.1" refers to invalid object "{AB1D8565-40E9-4616-984D-98465687E82C}". Action Taken: No Action Taken. Entry "HKCR\MessengerPrivateNative.MessengerPriv" refers to invalid object "{BBBFCB14-3B21-491c-9E2A-B0F3D50F83FD}". Action Taken: No Action Taken. Entry "HKCR\MessengerPrivateNative.MessengerPriv.1" refers to invalid object "{BBBFCB14-3B21-491c-9E2A-B0F3D50F83FD}". Action Taken: No Action Taken. Entry "HKCR\MsnMessengerSetupDownloader.MsnMessen.1" refers to invalid object "{B38870E4-7ECB-40DA-8C6A-595F0A5519FF}". Action Taken: No Action Taken. Entry "HKCR\MsnMessengerSetupDownloader.MsnMessenge" refers to invalid object "{B38870E4-7ECB-40DA-8C6A-595F0A5519FF}". Action Taken: No Action Taken. Entry "HKCR\MyWebSearch.HTMLPanel" refers to invalid object "{3E720452-B472-4954-B7AA-33069EB53906}". Action Taken: No Action Taken. Entry "HKCR\MyWebSearch.HTMLPanel.1" refers to invalid object "{3E720452-B472-4954-B7AA-33069EB53906}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Kenne mich leider nicht gut aus.... und da mir hier schon einmal bestens geholfen wurde, hoffe ich, dass es auch diesmal wieder klappt :) Wie komme ich ins File System?? oder was soll ich sonst machen?? lieben Dank im voraus |
Hallo, bereinige die Registry, z.B. mit RegSeeker. Setze bitte vorher einen Haken bei "Backup before deletion". Poste außerdem bitte folgendes aus der mwav.log (steht ganz am Ende): Zitat:
|
Hallo haui, hier schon mal der auszug der Log: Wed Aug 24 19:24:11 2005 => Gescannte Dateien: 18925 Wed Aug 24 19:24:11 2005 => Gefundene Viren: 1 Wed Aug 24 19:24:11 2005 => Anzahl der desinfizierten Dateien: 0 Wed Aug 24 19:24:11 2005 => Umbenannte Dateien: 0 Wed Aug 24 19:24:11 2005 => Anzahl der gelöschten Dateien: 0 Wed Aug 24 19:24:11 2005 => Anzahl Fehler: 47 Wed Aug 24 19:24:11 2005 => Zeit vergangen: 00:23:34 Wed Aug 24 19:24:55 2005 => Virus Datenbank Datum: 2005/08/04 Wed Aug 24 19:24:55 2005 => Virus Datenbank Zähler: 141943 Wed Aug 24 19:24:58 2005 => AV Library Unloaded (3)... |
Du hast leider etwas falsch gemacht :( Zitat:
Zitat:
Lies die Anleitung bitte erneut und wiederhole den Scan. Beachte alle Hinweise! |
OK die Registry habe ich inzwischen bereinigt mit RegSeeker. Hoffe das ist ok? werden nur die roten "Einträge" gelöscht? Kenne das Programm nicht. |
Wenn RegSeeker fertig ist klickst du auf "Select all" machst einen Rechtsklick in die Liste und wählst "Delete selected items" aus. |
ok - hab ich gemacht |
mache neuen eScan - bis bald und vielen Dank |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 05:42 Uhr. |
Copyright ©2000-2025, Trojaner-Board