| |
| |||||||
Log-Analyse und Auswertung: Aurora Bitte um Hilfe habe schon alles gemacht was ich finden konnte!!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
14.06.2005, 17:30
| #1 |
| |  Aurora Bitte um Hilfe habe schon alles gemacht was ich finden konnte!! HI da bin ich wieder!!! So ich kann diese datei nicht Löschen nach dem Fixen kommen sie SOFORT wieder: O4 - HKLM\..\Run: [iuidic] c:\windows\system32\bofvjs.exe r O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k und hier ist die Virus Log von eScan (sieht aber auch nich so gut aus) Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ElitebarBHO Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "HyperBar Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "ISearchTech.ISTdownloader Spyware/Adware" found in File System! Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\asinst.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\system32\LegitCheckControl.DLL". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Common\Bin\IVIPromotion.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxwma.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOKUME~1\Outlaw\LOKALE~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe\Photoshop Album\Kataloge\My Catalog.psa". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Games\Far Cry\Shaders\HWScripts\Declarations\CGPShaders\Cache\do_not_delete_this_folder.txt". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Games\Far Cry\Shaders\HWScripts\Declarations\CGVShaders\Cache\do_not_delete_this_folder.txt". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\SymNeti.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\LegitCheckControl.DLL". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\asinst.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{0482DDE0-7817-11cf-8A03-00AA006ECB65}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{05589f80-c356-11ce-bf01-00aa0055595a}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{0DED49D5-A8B7-4d5d-97A1-12B0C195874D}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{0F69997F-69A2-4B3B-9CE8-A06DCE657EB1}" refers to invalid object "C:\DOKUME~1\Outlaw\LOKALE~1\Temp\DW22CC.tmp". Action Taken: No Action Taken. Entry "HKCR\CLSID\{1EFD6A40-3999-11CF-9150-00AA0059F70D}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{266EEE40-6C63-11cf-8A03-00AA006ECB65}" refers to invalid object "kstvtune.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{266EEE41-6C63-11cf-8A03-00AA006ECB65}" refers to invalid object "kstvtune.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{29FF67FF-8050-480f-9F30-CC41635F2F9D}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{3775D2E0-7C5D-11CF-899E-00AA00688B10}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{442D12A1-2641-11d2-90FB-006008A1F441}" refers to invalid object "a3d.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{6A2E0670-28E4-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{70B51430-B6CA-11D0-B9B9-00A0C922E750}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96460-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "ksxbar.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96461-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "ksxbar.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96462-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "ksxbar.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96463-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "ksxbar.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96464-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96465-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96466-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{71F96467-78F3-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{72F89B75-654C-4F47-9C3B-938C0248D6DD}" refers to invalid object "C:\DOKUME~1\Outlaw\LOKALE~1\Temp\DW22CC.tmp". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8298d101-f992-43b7-8eca-5052d885b995}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{92FA2C24-253C-11d2-90FB-006008A1F441}" refers to invalid object "a3dapi.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{9E936C4C-2798-4003-8913-F7E6723480F6}" refers to invalid object "C:\DOKUME~1\Outlaw\LOKALE~1\Temp\DW22CC.tmp". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A5CF2D91-1749-41DE-BE78-3B6633E0C07D}" refers to invalid object "C:\DOKUME~1\Outlaw\LOKALE~1\Temp\DW22CE.tmp". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A6FF2A54-2DB3-4843-855F-607F3BF39B57}" refers to invalid object "C:\DOKUME~1\Outlaw\LOKALE~1\Temp\DW22CC.tmp". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A9E69612-B80D-11D0-B9B9-00A0C922E750}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C6E13343-30AC-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C6E13344-30AC-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C6E13350-30AC-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C6E13360-30AC-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{C6E13370-30AC-11d0-A18C-00A0C9118956}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{d8f1eee0-f634-11cf-8700-00a0245d918b}" refers to invalid object "a3d.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{f612954d-3b0b-4c56-9563-227b7be624b4}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{f72a76A0-eb0a-11d0-ace4-0000c0cc16ba}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{F72A76E0-EB0A-11d0-ACE4-0000C0CC16BA}" refers to invalid object "kswdmcap.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{FD0A5AF3-B41D-11d2-9C95-00C04F7971E0}" refers to invalid object "BdaPlgin.ax". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken. Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken. Entry "HKCR\DSP.DSP" refers to invalid object "{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Entry "HKCR\WMPShell.HWEventHandler" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken. Entry "HKCR\WMPShell.HWEventHandler.1" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken. |
|
| Themen zu Aurora Bitte um Hilfe habe schon alles gemacht was ich finden konnte!! |
| adobe, adobe reader, antivir, antivir update, bitte um hilfe, desktop, einstellungen, escan, explorer, file missing, hijack, hijackthis, hotkey, internet, internet explorer, log, löschen, microsoft, nvidia, problem, programme, server, system, teamspeak, temp, urlsearchhook, virus, windows, windows messenger, windows xp |
Hybrid-Darstellung
