Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: BullsEye wütet wieder!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 23.05.2005, 10:30   #1
Squad
 
BullsEye wütet wieder! - Icon21

BullsEye wütet wieder!



Hallo!

Ich habe mir nun schon einige Posts über den Trojaner Bullseye durchgelesen, den ich mir eingefangen habe. Da ich aber absolut keine Ahnung auf diesem Gebiet habe, poste ich hier mal meinen Logfile, in der Hoffnung, dass mir jemand helfen kann!!! Vielen Dank schonmal für jede Hilfe!

Logfile of HijackThis v1.99.1
Scan saved at 09:50:00, on 23.05.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\carpserv.exe
C:\Programme\Apoint2K\Apoint.exe
C:\PROGRA~1\LAUNCH~1\QtaET2S.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\FreePDF_XP\fpassist.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Apoint2K\Apntex.exe
C:\Programme\CASIO\PCsync\QDCTray.exe
C:\Programme\Palm\HOTSYNC.EXE
C:\Programme\OpenOffice.org1.1.0\program\soffice.exe
C:\Programme\OpenOffice.org1.1.1\program\soffice.exe
C:\Programme\OpenOffice.org1.0.3\program\soffice.exe
C:\Programme\NaviSearch\bin\nls.exe
C:\Programme\BullsEye Network\bin\bargains.exe
C:\Programme\CashBack\bin\cashback.exe
C:\WINDOWS\explorer.exe
C:\Dokumente und Einstellungen\Profaktur\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.exactsearch.net/sidesearch
F3 - REG:win.ini: run=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll
O2 - BHO: CB UrlCatcher Class - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtaET2S.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Startup: Quick Data Copy.lnk = C:\Programme\CASIO\PCsync\QDCTray.exe
O4 - Startup: HotSync Manager.lnk = C:\Programme\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Programme\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Startup: OpenOffice.org 1.1.1.lnk = C:\Programme\OpenOffice.org1.1.1\program\quickstart.exe
O4 - Startup: OpenOffice.org 1.1.2.lnk = C:\Programme\OpenOffice.org1.0.3\program\quickstart.exe
O4 - Startup: SmartSurfer.lnk = C:\Programme\WEBDE\SmartSurfer3.0\SmartSurfer.exe
O4 - Global Startup: Zahlungserinnerung.lnk = C:\HCW\wzed.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\COMOne\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\COMOne\Bluetooth Software\btsendto_ie.htm (file missing)
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.143/code/PWActiveXImgCtl.CAB
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O16 - DPF: {F0BC061F-DAF9-4533-8011-53BCB4C10307} (Installations Assistent) - http://install.power-url.de/InstallationsAssistent.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C4221A4-20E3-4E8F-9CC4-6CF80D6689E9}: NameServer = 195.8.224.1
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe

_____________
Anm.
Aktive Links editiert!
Beachte die Hinweise dieser Anleitung: HiJackThis

LG Cidre
S-Mod TB

Geändert von Cidre (25.05.2005 um 18:47 Uhr)

Alt 25.05.2005, 16:41   #2
Squad
 
BullsEye wütet wieder! - Icon22

BullsEye wütet wieder!



So, habe jetzt alles in stundenlanger Arbeit getan, was hier im Forum über den Bullseye gesagt wurde! Kann sich bitte jetzt nochmal jemand mein LogFile ansehen und sagen, ob noch was fehlerhaftes bzw. schädliches zu finden ist!? Vielen Dank und einen schönen Feiertag! Gruß, Squad



Logfile of HijackThis v1.99.1
Scan saved at 16:32:28, on 25.05.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\Programme\Apoint2K\Apoint.exe
C:\PROGRA~1\LAUNCH~1\QtaET2S.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\FreePDF_XP\fpassist.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Apoint2K\Apntex.exe
C:\Programme\Palm\HOTSYNC.EXE
C:\Programme\OpenOffice.org1.1.0\program\soffice.exe
C:\Programme\OpenOffice.org1.1.1\program\soffice.exe
C:\Programme\OpenOffice.org1.0.3\program\soffice.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Jan\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.exactsearch.net/sidesearch
F3 - REG:win.ini: run=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtaET2S.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Startup: Quick Data Copy.lnk = C:\Programme\CASIO\PCsync\QDCTray.exe
O4 - Startup: HotSync Manager.lnk = C:\Programme\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Programme\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Startup: OpenOffice.org 1.1.1.lnk = C:\Programme\OpenOffice.org1.1.1\program\quickstart.exe
O4 - Startup: OpenOffice.org 1.1.2.lnk = C:\Programme\OpenOffice.org1.0.3\program\quickstart.exe
O4 - Startup: SmartSurfer.lnk = C:\Programme\WEBDE\SmartSurfer3.0\SmartSurfer.exe
O4 - Global Startup: Zahlungserinnerung.lnk = C:\HCW\wzed.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\COMOne\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\COMOne\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.143/code/PWActiveXImgCtl.CAB
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C4221A4-20E3-4E8F-9CC4-6CF80D6689E9}: NameServer = 195.8.224.1
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
__________________


Geändert von Cidre (25.05.2005 um 18:47 Uhr)

Alt 25.05.2005, 17:42   #3
Meerjungfraumann
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



Hy,
Logfile passt denke ich.Aber Update unbedingt Dein Windows auf Service Pack 2 schliest sämtliche Sicherheitslücken.

Greetings from MEERJUNGFRAUMANN (SPONGEBOB MEMBER)
__________________

Alt 25.05.2005, 18:10   #4
Rene-gad
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



@Squad
Bitte alle Links im Log deaktivieren (z.B. h**p statt http)
Zitat:
So, habe jetzt alles in stundenlanger Arbeit getan, was hier im Forum über den Bullseye gesagt wurde!
Wievile Stunden hast du verbracht, wenn es kein Geheimnis ist?

Bitte fixen:
Zitat:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = h**p://www.exactsearch.net/sidesearch
F3 - REG:win.ini: run=
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\COMOne\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\COMOne\Bluetooth Software\btsendto_ie.htm (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/
Diese Datei im abgesicherten Modus löschen
Zitat:
C:\WINDOWS\web\related.htm

Alt 27.05.2005, 01:14   #5
Squad
 
BullsEye wütet wieder! - Lächeln

BullsEye wütet wieder!



@Rene: Na ja, ich hab insgesamt ca. 10 Stunden drangesessen inkl. Wartezeiten bei Scans etc.

Danke für's checken meines Logfiles! Jetzt müsste es doch eigentlich okay sein, oder!?

Logfile of HijackThis v1.99.1
Scan saved at 01:04:43, on 27.05.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\Programme\Apoint2K\Apoint.exe
C:\PROGRA~1\LAUNCH~1\QtaET2S.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\FreePDF_XP\fpassist.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Apoint2K\Apntex.exe
C:\Programme\Palm\HOTSYNC.EXE
C:\Programme\OpenOffice.org1.1.0\program\soffice.exe
C:\Programme\OpenOffice.org1.1.1\program\soffice.exe
C:\Programme\OpenOffice.org1.0.3\program\soffice.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Dokumente und Einstellungen\Ordner\Eigene Dateien\Ordner\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.web.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://global.acer.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtaET2S.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Startup: Quick Data Copy.lnk = C:\Programme\CASIO\PCsync\QDCTray.exe
O4 - Startup: HotSync Manager.lnk = C:\Programme\Palm\HOTSYNC.EXE
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Programme\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Startup: OpenOffice.org 1.1.1.lnk = C:\Programme\OpenOffice.org1.1.1\program\quickstart.exe
O4 - Startup: OpenOffice.org 1.1.2.lnk = C:\Programme\OpenOffice.org1.0.3\program\quickstart.exe
O4 - Startup: SmartSurfer.lnk = C:\Programme\WEBDE\SmartSurfer3.0\SmartSurfer.exe
O4 - Global Startup: Zahlungserinnerung.lnk = C:\HCW\wzed.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - h**p://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - h**p://216.249.24.143/code/PWActiveXImgCtl.CAB
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - h**p://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C4221A4-20E3-4E8F-9CC4-6CF80D6689E9}: NameServer = 195.8.224.1
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE


Alt 27.05.2005, 01:45   #6
cronos
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



Sauber ist der Log immer noch nicht!
Um mehr Informationen zu bekommen führe Escan wie beschrieben aus und teile uns die Ergebnisse mit!

Edit:

Warum ist kein Service Pack 2 installiert?
__________________
--> BullsEye wütet wieder!

Alt 27.05.2005, 08:51   #7
Rene-gad
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



@Squad
Zitat:
Na ja, ich hab insgesamt ca. 10 Stunden drangesessen inkl. Wartezeiten bei Scans etc.
Du hast wohl zu viel Zeit übrig. In 3 Stunden hättest du deine Kiste neu formatiert und virenfrei gehabt. Und SP2 fehlt nach wie vor

Alt 01.06.2005, 17:23   #8
Squad
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



Hallo! Wenn ich das Service Pack 2 installiere und dann ins Internet gehe, stürzt mein Rechner IMMER ab.
Deshalb habe ich es wieder deinstalliert. Woran kann das liegen? Verträgt es sich nicht mit AV?

Gruß, Squad

Alt 01.06.2005, 18:20   #9
Rene-gad
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



@Squad
Installieren von SP2 und Co. befreit den PC von Malware nicht. Warum hast du den Posting von cronos nicht abgearbeitet?

Alt 02.06.2005, 21:17   #10
Squad
 
BullsEye wütet wieder! - Beitrag

BullsEye wütet wieder!



Habe jetzt den eScan jetzt ausgeführt! Herausgekommen ist eine ewig lange Liste von der ich so gut wie nichts verstehe...

Sorry, ich hab' von solchen Sachen leider wirklich nur sehr wenig Ahnung. Ich hoffe ihr könnt mir weiterhelfen und ich poste nichts unerlaubtes vom eScan!

Danke schonmal für alle hilfreichen Antworten!


Hier mein Scan:

Geändert von Squad (02.06.2005 um 21:32 Uhr)

Alt 02.06.2005, 21:19   #11
Squad
 
BullsEye wütet wieder! - Pfeil

BullsEye wütet wieder!



Scan kommt im neuen Fenster!

Wenn ich die find.bat Datei erstellt habe und dann doppelklicke, öffnet sich zwar ein neues Fenster im MS-DOS und es wird etwas geschrieben. Dann schließt sich das Fenster aber schnell wieder. Eine Datei Namens eScan_neu.txt kann ich nicht finden. Was mache ich falsch???

Geändert von Squad (02.06.2005 um 21:55 Uhr)

Alt 02.06.2005, 21:44   #12
chaosman
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



@Squad
Scan kommt im neuen Fenster!
wo bleibts?
chaosman
__________________
Bonus vir semper tiro

Alt 02.06.2005, 21:52   #13
Squad
 
BullsEye wütet wieder! - Beitrag

BullsEye wütet wieder!



Da es anders nicht funktioniert hier mein Scan:

Seite 1:

File C:\WINDOWS\zeta.exe tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "cashback Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "exactutil Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bargainbuddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "eZula Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CyberLink\Common\UpdateIPR.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\DIMM.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\Siemens AG Shared\DESServer.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\APMmxBVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\APMmxSVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\APMP5BVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\APMP5SVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\GliDetectDll.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\GliDX6vf.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\GliVd1vf.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\MPGMXBVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\MPGMXSVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\MPGP5BVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\MPGP5SVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\WAVd3BVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\WAVMWBVR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\WAVMWSVR.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\WAVPWBVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\UbiSoft\Rayman2\dll\WAVPWSVR.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btsendto_office.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btsendto_notes.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BTNeighborhood.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btcss.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BTNCopy.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btwpimif.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\bt2k_ins.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\wbtapi.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btcpl.cpl". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btsec.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btosif.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btosif_notes.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btosif_ol.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btins.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btdev.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\WidcommSdk.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\lcppn21.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btsendto_lnagent.nsf". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BTXPPanel.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BtXpShell.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btsendto.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btrez.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btbigbmp.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\bthcrp.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btosif_olx.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BtWizard.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btsendto_wab.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BtAudioHelper.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BTNeighborhood.tlb". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BTNCopy.tlb". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BTXPPanel.tlb". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btsendto_ie.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\BTNeighborhood.dll.manifest". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btcss.dll.manifest". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btcpl.cpl.manifest". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\bthcrpui.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btprn2k.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\btrezxp.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Lexware1\Gemeinsame Dateien\Optionen\BenutzerMgr.xml". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Lexware1\Gemeinsame Dateien\Optionen\PersonalMgr.xml". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0002E500-0000-0000-C000-000000000046}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0002E510-0000-0000-C000-000000000046}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0002E520-0000-0000-C000-000000000046}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0002E530-0000-0000-C000-000000000046}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0002E531-0000-0000-C000-000000000046}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0002E532-0000-0000-C000-000000000046}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0083AA80-357D-11D4-876E-CA5F65139036}" refers to invalid object "C:\MAGIX\mm2005_silver\RegModule\hhvrend2.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{01002B17-5D93-4551-81E4-831FEF780A53}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0174EB42-3CBC-4910-9C88-82B36A14C62B}" refers to invalid object "C:\Programme\Intuwave\Shared\mRouterRunTime\mRouterBluetooth.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0AA02E8D-F851-4CB0-9F64-BBA9BE7A983D}" refers to invalid object "C:\PROGRA~1\WINDOW~3\mpvis.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{13E40445-0C30-11D2-ADAC-00104B453807}" refers to invalid object "C:\PROGRA~1\Lexware\ANLAGE~1\AnlageVW.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1B544C24-FD0B-11CE-8C63-00AA0044B520}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1CB1623E-BBEC-4E8D-B2DF-DC08C6F4627C}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2aa2b5fe-b846-4d07-810c-b21ee45320e3}" refers to invalid object "%SystemRoot%\System32\xmlprovi.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2D20D4BB-B47E-4FB7-83BD-E3C2EE250D26}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2EA10031-0033-450E-8072-E27D9E768142}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{305F718E-620B-11D3-B484-008029659E91}" refers to invalid object "C:\MAGIX\MM2005~1\REGMOD~1\audiovis.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{31087270-D348-432C-899E-2D2F38FF29A0}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{353359C1-39E1-491b-9951-464FD8AB071C}" refers to invalid object "C:\Programme\Movie Maker\wmm2fxa.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{35465706-E211-11d3-8B87-C295F909460A}" refers to invalid object "C:\MAGIX\mm2005_silver\RegModule\WMServerReader.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{36773DF3-37FC-47B6-9F8F-CC4699917938}" refers to invalid object "D:\acer\tools\LaunchRS.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{41D2B841-7692-4C83-AFD3-F60E845341AF}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{442D12A1-2641-11d2-90FB-006008A1F441}" refers to invalid object "a3d.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4C85388F-1500-11D1-A0DF-00C04FC9E20F}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4D4C9FEF-ED80-47EA-A3FA-3215FDBB33AB}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4E7F49AD-E4B5-11D1-8D9D-006097DBEFEF}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCW.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4E7F49AF-E4B5-11D1-8D9D-006097DBEFEF}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCW.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4E7F49B6-E4B5-11D1-8D9D-006097DBEFEF}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCW.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4E7F49B8-E4B5-11D1-8D9D-006097DBEFEF}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCW.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4E7F49CF-E4B5-11D1-8D9D-006097DBEFEF}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCW.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4E7F49D5-E4B5-11D1-8D9D-006097DBEFEF}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCW.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4F3E50BD-A9D7-4721-B0E1-00CB42A0A747}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{56d398df-f37d-4d6d-94cc-8b3ea36c3a39}" refers to invalid object "C:\MAGIX\mm2005_silver\RegModule\MXMPEG2.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{586FB486-5560-4FF3-96DF-1118C96AF456}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{596AB062-B4D2-4215-9F74-E9109B0A8153}" refers to invalid object "C:\WINDOWS\System32\twext.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5A20FD6F-F8FE-4a22-9EE7-307D72D09E6E}" refers to invalid object "C:\Programme\Movie Maker\wmm2fxa.dll". Action Taken: No Action Taken.

Alt 02.06.2005, 21:53   #14
Squad
 
BullsEye wütet wieder! - Beitrag

BullsEye wütet wieder!



Seite 2:


Entry "HKCR\CLSID\{5B4B05EB-1F63-446B-AAD1-E10A34D650E0}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5D62A639-0FB0-11D2-8DB2-006097DBEFEF}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCW.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{62090F4D-7F27-11D4-ABF2-0080C8FCDE68}" refers to invalid object "C:\PROGRA~1\Lexware\BUCHHA~1\BHAUSW~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{679E132F-561B-42F8-846C-A70DBDC62999}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6C68955E-F965-4249-8E18-F0977B1D2899}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{78D80080-F388-11D3-9161-00105A07EA40}" refers to invalid object "C:\WINDOWS\SYSTEM\LCODCCMP.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{78D80081-F388-11D3-9161-00105A07EA40}" refers to invalid object "C:\WINDOWS\SYSTEM\LCODCCMP.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{78D80082-F388-11D3-9161-00105A07EA40}" refers to invalid object "C:\WINDOWS\SYSTEM\LCODCCMP.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{78D80083-F388-11D3-9161-00105A07EA40}" refers to invalid object "C:\WINDOWS\SYSTEM\LCODCCMP.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{7F1232EE-44D7-4494-AB8B-CC61B10E21A5}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{7FB3E3A1-829B-11D3-8032-00A0C941A56C}" refers to invalid object "C:\Programme\KraiSoft\Warkanoid\GmIntrnt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{849F5184-79E2-11D5-99F3-0050043E594A}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\Lexware\Dll\LxBsns30.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{849F519C-79E2-11D5-99F3-0050043E594A}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\Lexware\Dll\AVBsns30.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8602FB8E-2F21-46A0-89DA-BCBFF80A9B02}" refers to invalid object "C:\LEXWARE\PCBH32\KRCheck.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}" refers to invalid object "fde.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{90914AA1-0A85-407B-AA90-AD5BE725D805}" refers to invalid object "D:\acer\tools\LaunchRS.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{92883667-E95C-443D-AC96-4CACA27BEB6E}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{92FA2C24-253C-11d2-90FB-006008A1F441}" refers to invalid object "a3dapi.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{930FD02C-BBE7-4EB9-91CF-FC45CC91E3E6}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{97D6D376-23BB-11D1-A0E1-00C04FC9E20F}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9AC5BD2F-604B-4062-86BC-5B1AB98D6648}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\Lexware\EBUSIN~1\FKUpload.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9DB7A13C-F208-4981-8353-73CC61AE2783}" refers to invalid object "C:\WINDOWS\System32\twext.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A2EDA89A-0966-4B91-9C18-AB69F098187F}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{ADEADEB8-E54B-11d1-9A72-0000F875EADE}" refers to invalid object "C:\Programme\Movie Maker\wmm2fxa.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AECF5D2E-7A18-4DD2-BDCD-29B6F615B448}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B4DC8DD9-2CC1-4081-9B2B-20D7030234EF}" refers to invalid object "C:\Programme\Movie Maker\wmm2fxa.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B6E33EB2-8C6D-49E6-BBA9-9CF33759D35F}" refers to invalid object "C:\MAGIX\mm2005_silver\RegModule\hhmultee.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BC0D69A8-0923-4EEE-9375-9239F5A38B92}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C0D076C5-E4C6-4561-8BF4-80DA8DB819D7}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C378B3A7-404B-445B-8334-D078852EABDB}" refers to invalid object "C:\Programme\Intuwave\Shared\mRouterRunTime\mRouterBluetooth.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C44C65C7-FDF1-453D-89A5-BCC28F5D69F9}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C63344D8-70D3-4032-9B32-7A3CAD5091A5}" refers to invalid object "C:\Programme\Movie Maker\wmm2fxa.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C6CB1FE3-B05E-4F0E-818F-C83ED5A0332F}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C8F209F8-480E-454C-94A4-5392D88EBA0F}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CC45B0B0-72D8-4652-AE5F-5E3E266BE7ED}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CD2425E4-8141-11D0-8CE4-444553540000}" refers to invalid object "C:\LEXWARE\PCFK32\Pcfk32.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CFFB1FC7-270D-4986-B299-FECF3F0E42DB}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D3B06B05-3667-4175-B2D2-D54DCED5E9F1}" refers to invalid object "C:\MAGIX\mm2005_silver\RegModule\dscapture.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D42AB085-7E24-460f-9BFB-9ADE542A81B9}" refers to invalid object "C:\MAGIX\mm2005_silver\RegModule\mxvisuals.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D7546AAE-A77A-11D1-B901-00AA00585640}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCF.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D7546ABD-A77A-11D1-B901-00AA00585640}" refers to invalid object "C:\Programme\Microsoft Office\Office10\MSOWCF.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{d8f1eee0-f634-11cf-8700-00a0245d918b}" refers to invalid object "a3d.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D98E820F-6ACD-4dc0-921E-9841E3D8B4A7}" refers to invalid object "D:\player\WMMP.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DB6E8F48-FD3E-11D0-A0BC-00C04FC9E20F}" refers to invalid object "C:\PROGRA~1\MICROS~4\Office10\MSOWC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E188F7A3-A04E-413E-99D1-D79A45F70305}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E476CBFF-E229-4524-B6B7-228A3129D1C7}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E673DCF2-C316-4c6f-AA96-4E4DC6DC291E}" refers to invalid object "C:\Programme\Movie Maker\wmm2fxb.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E769AC40-7735-11D2-8B7B-9D5958F45120}" refers to invalid object "C:\MAGIX\mm2005_silver\RegModule\wavdest.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E8C31D11-6FD2-4659-AD75-155FA143F42B}" refers to invalid object "C:\Programme\Movie Maker\wmm2ae.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EC85D8F1-1C4E-46e4-A748-7AA04E7C0496}" refers to invalid object "C:\Programme\Movie Maker\wmm2fxa.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{ED4EB73F-EDEC-11D3-BC26-00A0CC5087AB}" refers to invalid object "C:\MAGIX\mm2005_silver\pptaddin.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EF105BC3-C064-45F1-AD53-6D8A8578D01B}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EFEE43D6-BFE5-44B0-8063-AC3B2966AB2C}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F44BB2D0-F070-463E-9433-B0CCF3CFD627}" refers to invalid object "C:\Programme\Movie Maker\wmm2filt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F4C6D6E0-A8FB-4281-BE24-1662D646FE2B}" refers to invalid object "D:\player\WMMP.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FBE840E5-13A5-4cff-B2A9-4D1E64A17FF2}" refers to invalid object "D:\player\WMMP.EXE". Action Taken: No Action Taken.
Entry "HKCR\ActMsg.Session" refers to invalid object "{3FA7DEB3-6438-101B-ACC1-00AA00423326}". Action Taken: No Action Taken.
Entry "HKCR\ADP.UrlCatcher" refers to invalid object "{F4E04583-354E-4076-BE7D-ED6A80FD66DA}". Action Taken: No Action Taken.
Entry "HKCR\ADP.UrlCatcher.1" refers to invalid object "{F4E04583-354E-4076-BE7D-ED6A80FD66DA}". Action Taken: No Action Taken.
Entry "HKCR\Automatische Zuordnung.Map.EU" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken.
Entry "HKCR\Automatische Zuordnung.Map.EU.9" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken.
Entry "HKCR\Automatische Zuordnung.Template.EU.9" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: No Action Taken.
Entry "HKCR\CB.UrlCatcher" refers to invalid object "{CE188402-6EE7-4022-8868-AB25173A3E14}". Action Taken: No Action Taken.
Entry "HKCR\CB.UrlCatcher.1" refers to invalid object "{CE188402-6EE7-4022-8868-AB25173A3E14}". Action Taken: No Action Taken.
Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\MultimediaConverter.Converter" refers to invalid object "{E180CA8F-034D-11d6-AEA1-00B0D0797201}". Action Taken: No Action Taken.
Entry "HKCR\NLS.UrlCatcher" refers to invalid object "{AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344}". Action Taken: No Action Taken.
Entry "HKCR\PDF.PdfCtrl.5" refers to invalid object "{CA8A9780-280D-11CF-A24D-444553540000}". Action Taken: No Action Taken.
Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.
Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.
Entry "HKCR\WMPShell.HWEventHandler" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken.
Entry "HKCR\WMPShell.HWEventHandler.1" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken.
File C:\WINDOWS\autoheal.exe tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\WINDOWS\System32\exdl.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\exul.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\javexulm.vxd tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\exdl2.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\exdl3.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\exdl1.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\System32\mac80ex.idf tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\WINDOWS\System32\javex80.vxd tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\WINDOWS\System32\psis80ex.ax tagged as "not-a-virus:AdWare.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\System32\exul3.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\exul1.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\mqexdlm.srg tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\System32\netut80ex.vxd tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\exdl.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\exul.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\javexulm.vxd tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\exdl2.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\exdl3.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\exdl1.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\system32\mac80ex.idf tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\WINDOWS\system32\javex80.vxd tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\WINDOWS\system32\psis80ex.ax tagged as "not-a-virus:AdWare.BargainBuddy.l". Action Taken: No Action Taken.
File C:\WINDOWS\system32\exul3.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\exul1.exe tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\mqexdlm.srg tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\system32\netut80ex.vxd tagged as "not-a-virus:AdWare.BargainBuddy.q". Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\installer_MARKETING32.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\autoheal.exe tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Gast\Eigene Dateien\Ralph\CD-Brennd\tägliche Losung\Winlos03.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Jan\backups\backup-20050523-115914-837.dll tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Jan\backups\backup-20050523-115914-344.dll tagged as "not-a-virus:AdWare.BargainBuddy.l". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Jan\Eigene Dateien\Jan\backups\backup-20050523-115914-345.dll tagged as "not-a-virus:AdWare.BargainBuddy.n". Action Taken: No Action Taken.
File C:\HCW\wpcuinst.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.

Alt 02.06.2005, 22:02   #15
chaosman
 
BullsEye wütet wieder! - Standard

BullsEye wütet wieder!



@Squad
poste bitte folgendes
________________________________________
Öffne C:\bases\mwav.log
Am Ende folgendes suchen und hier rein kopieren:
Zitat:
Total Files Scanned:
Total Virus(es) Found:
Total Disinfected Files:
Total Files Renamed:
Total Deleted Files:
Total Errors:
Time Elapsed:
Virus Database Date:
Virus Database Count:

chaosman
__________________
Bonus vir semper tiro

Antwort

Themen zu BullsEye wütet wieder!
adobe, antivir, antivir update, bho, button, dateien, einstellungen, explorer, file missing, hijack, hijackthis, internet, internet explorer, keine ahnung, launch, logfile, messenger, microsoft, programme, scan, software, system, system32, temp, trojaner, update, vielen dank, windows, windows xp



Ähnliche Themen: BullsEye wütet wieder!


  1. PC fährt immer wieder von alleine runter und wieder hoch
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (13)
  2. Windows Vista startet nicht, fährt sofort wieder runter und gleich wieder hoch...
    Alles rund um Windows - 03.04.2010 (3)
  3. "TR/Dropper.Gen" wütet im "Eigene Dateien"-Ordner, Hijackthis bitte auswerten!
    Log-Analyse und Auswertung - 10.09.2009 (9)
  4. Bullseye na super!???
    Plagegeister aller Art und deren Bekämpfung - 01.06.2005 (8)
  5. wer hilft bei logfile, das Bullseye ist da, Zeta habe ich vor dem test deinstallieret
    Log-Analyse und Auswertung - 06.04.2005 (1)
  6. Bullseye. Bitte helft mir:Log checken
    Log-Analyse und Auswertung - 26.02.2005 (2)
  7. Bullseye Network
    Plagegeister aller Art und deren Bekämpfung - 22.02.2005 (2)
  8. BullsEye Network, wer kann helfen???
    Plagegeister aller Art und deren Bekämpfung - 12.02.2005 (1)
  9. Bullseye Network - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 07.02.2005 (7)
  10. Finde bullseye nicht
    Plagegeister aller Art und deren Bekämpfung - 04.02.2005 (3)
  11. Cashback, Bullseye, Navisearch, TV Media
    Plagegeister aller Art und deren Bekämpfung - 31.01.2005 (11)
  12. Bullseye Network
    Log-Analyse und Auswertung - 10.01.2005 (6)
  13. Bullseye network wie entfernen
    Log-Analyse und Auswertung - 02.01.2005 (1)
  14. Will BullsEye entgültig loswerden (XP)
    Plagegeister aller Art und deren Bekämpfung - 02.11.2004 (10)
  15. bullseye, wie wird man den mist los? win2000
    Log-Analyse und Auswertung - 19.10.2004 (16)
  16. Cashback, Navisearch und Bullseye Network
    Plagegeister aller Art und deren Bekämpfung - 10.10.2004 (1)
  17. Klebriges BullsEye
    Log-Analyse und Auswertung - 08.10.2004 (10)

Zum Thema BullsEye wütet wieder! - Hallo! Ich habe mir nun schon einige Posts über den Trojaner Bullseye durchgelesen, den ich mir eingefangen habe. Da ich aber absolut keine Ahnung auf diesem Gebiet habe, poste ich - BullsEye wütet wieder!...
Archiv
Du betrachtest: BullsEye wütet wieder! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.