Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Hilfe bei Auswertung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 11.06.2005, 23:26   #1
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Ich habe mir mittlerweile mit Sicherheit verdammt viele Viren und Würmer eingefangen, die ich nicht wegbekomme. Nun habe ich von HijackThis gehört und wollte das mal testen. Zum Beispiel hab ich jetzt den Grund für meinen nicht angezeigten Desktophintergrund gefunden (Hicjacker)

Ich wäre also sehr froh, wenn mir jemand bei der Auswertung von folgendem logfile helfen kann. thx schonmal im vorraus

Zitat:
Logfile of HijackThis v1.99.1
Scan saved at 00:09:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe -----> kein virus
C:\WINDOWS\system32\winlogon.exe -----> kein virus
C:\WINDOWS\system32\services.exe -----> kein virus
C:\WINDOWS\system32\lsass.exe -----> kein virus
C:\WINDOWS\system32\svchost.exe -----> kein virus
C:\WINDOWS\System32\svchost.exe -----> kein virus
C:\WINDOWS\system32\spoolsv.exe -----> kein virus
C:\WINDOWS\Explorer.exe -----> kein virus
C:\Programme\DriveCrypt\DcrServ.exe -----> kein virus
C:\Programme\toptoolz\Opera7\opera.exe -----> kein virus
C:\WINDOWS\System32\svchost.exe -----> kein virus
C:\Programme\Internet Explorer\iexplore.exe -----> kein virus
c:\windows\system32\pmbvtih.exe -----> Trojan.Win32.Agent.ay
c:\progra~1\intern~1\iexplore.exe -----> kein virus
C:\Dokumente und Einstellungen\BrassMan\Desktop\HijackThis.exe -----> kein virus

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://82.179.166.192/search.php?v=6&aff=617907
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://82.179.166.192/index.php?v=6&aff=617907
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: IncrediFindBHO Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll
O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000001} - (no file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem301.dll
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\System32\bridge.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programme\SideFind\sfbho13.dll
O2 - BHO: CHungryBHO Object - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\neti.dll
O2 - BHO: (no name) - {BDE23876-7113-3334-6C3A-E2071F9577A2} - C:\DOKUME~1\BrassMan\ANWEND~1\AXISTO~1\knob fast.exe
O2 - BHO: (no name) - {C5941EE5-6DFA-11D8-86B0-0002441A9695} - C:\WINDOWS\3_0_1browserhelper3.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\PROGRA~1\BARGAI~1\bin\apuc.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Search Bar - {0A8CE102-FA03-4612-9BEE-7FE5452F4CB1} - C:\WINDOWS\system32\srchbar.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ubcotng] c:\windows\system32\pmbvtih.exe r
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKLM\..\RunOnce: [VcCleanUp.exe] C:\DOKUME~1\BrassMan\LOKALE~1\Temp\VcCleanUp.exe /F C:\PROGRA~1\GEMEIN~1\SYMANT~1\LiveReg\ /RemoveAll
O4 - HKLM\..\RunOnce: [WUpdate] C:\WINDOWS\System32\supd250305.exe
O4 - HKCU\..\Run: [DriveCrypt Startup] C:\Programme\DriveCrypt\DriveCrypt.exe /WS
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programme\SideFind\sidefind13.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O12 - Plugin for .exe: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .rar: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .tgz: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .zip: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3DBBD066-2534-45E9-A180-BB2C745970CD}: NameServer = 62.27.27.62 195.247.247.195
O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\System32\xplugin.dll
O23 - Service: AVK Service (AVKService) - Unknown owner - H:\Antivirus-Profi-Paket\AVKService.exe (file missing)
O23 - Service: Antivirus Wächter (AVKWCtl) - Unknown owner - H:\Antivirus-Profi-Paket\AVKWCtl.exe (file missing)
O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Programme\DriveCrypt\DcrServ.exe
O23 - Service: GBPoll - Unknown owner - C:\Programme\Roxio\GoBack\GBPoll.exe (file missing)
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Programme\MySQL\MySQL.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RVS CAPI (RVS_CE) - RVS Datentechnik GmbH, München - C:\WINDOWS\system32\rvs_cent.exe
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
_____________
Anm.
Aktive Links editiert!
Beachte zukünftig die Hinweise dieser Anleitung: HiJackThis.


LG Cidre
S-Mod TB


edit: Ich habe jetzt mal für die Prozesse bei http://virusscan.jotti.org/de/ vorbeigeschaut und habe einen virus rausgefunden.

Geändert von BrassMan (12.06.2005 um 09:47 Uhr) Grund: htmlcode

Alt 11.06.2005, 23:51   #2
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Ich habe mir das schon durchgelesen, nur hab ich das mit dem HTML-Code vergessen, sorry.
__________________


Geändert von BrassMan (12.06.2005 um 09:49 Uhr)

Alt 12.06.2005, 00:56   #3
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Kann man die infizierten Dateien nun einfach löschen?
Also ich meine jetzt die pmbvtih.exe.

edit: Ich habe jetzt mal im abgesicherten Modus ein paar Einträge gefixed. So sieht die Log nun aus:

Logfile of HijackThis v1.99.1
Scan saved at 11:07:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Programme\DriveCrypt\DcrServ.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\rvs_cent.exe
C:\WINDOWS\System32\tcpsvcs.exe
c:\windows\system32\erackg.exe
C:\Dokumente und Einstellungen\BrassMan\Desktop\HijackThis.exe

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll
O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll
O2 - BHO: (no name) - {49E0E0F0-5C30-11D4-945D-000000000001} - (no file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem301.dll
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\System32\bridge.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programme\SideFind\sfbho13.dll
O2 - BHO: CHungryBHO Object - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\neti.dll
O2 - BHO: (no name) - {BDE23876-7113-3334-6C3A-E2071F9577A2} - C:\DOKUME~1\BrassMan\ANWEND~1\AXISTO~1\knob fast.exe
O2 - BHO: (no name) - {C5941EE5-6DFA-11D8-86B0-0002441A9695} - C:\WINDOWS\3_0_1browserhelper3.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\PROGRA~1\BARGAI~1\bin\apuc.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ffizhqj] c:\windows\system32\erackg.exe r
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKLM\..\RunOnce: [VcCleanUp.exe] C:\DOKUME~1\BrassMan\LOKALE~1\Temp\VcCleanUp.exe /F C:\PROGRA~1\GEMEIN~1\SYMANT~1\LiveReg\ /RemoveAll
O4 - HKLM\..\RunOnce: [WUpdate] C:\WINDOWS\System32\supd250305.exe
O4 - HKCU\..\Run: [DriveCrypt Startup] C:\Programme\DriveCrypt\DriveCrypt.exe /WS
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programme\SideFind\sidefind13.dll
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O12 - Plugin for .exe: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .rar: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .tgz: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O12 - Plugin for .zip: C:\Programme\toptoolz\Opera7\PLUGINS\NPGetRt1.dll
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\System32\xplugin.dll
O23 - Service: AVK Service (AVKService) - Unknown owner - H:\Antivirus-Profi-Paket\AVKService.exe (file missing)
O23 - Service: Antivirus Wächter (AVKWCtl) - Unknown owner - H:\Antivirus-Profi-Paket\AVKWCtl.exe (file missing)
O23 - Service: DriveCrypt Service (DriveCryptService) - Unknown owner - C:\Programme\DriveCrypt\DcrServ.exe
O23 - Service: GBPoll - Unknown owner - C:\Programme\Roxio\GoBack\GBPoll.exe (file missing)
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Programme\MySQL\MySQL.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RVS CAPI (RVS_CE) - RVS Datentechnik GmbH, München - C:\WINDOWS\system32\rvs_cent.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
__________________

Geändert von BrassMan (12.06.2005 um 10:10 Uhr)

Alt 12.06.2005, 11:33   #4
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



kann mir denn wirklich niemand helfen?

Alt 12.06.2005, 16:50   #5
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Zitat:
Zitat von BrassMan
kann mir denn wirklich niemand helfen?
86hits und keine antwort ^^


Alt 12.06.2005, 17:16   #6
felix1
/// Helfer-Team
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Dein Problem liegt schon daran:
Logfile of HijackThis v1.99.1
Scan saved at 11:07:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)


Wo sind SP2 und die notwendigen Patches für XP und IE

Du solltest sofort SP2 installieren.

Dein nächstes Problem:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
Deshalb mache genau nach Anleitung:

http://www.trojaner-board.de/showthread.php?t=17492

Alt 12.06.2005, 18:20   #7
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Zitat:
Zitat von felix1
Dein Problem liegt schon daran:
Logfile of HijackThis v1.99.1
Scan saved at 11:07:24, on 12.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)


Wo sind SP2 und die notwendigen Patches für XP und IE

Du solltest sofort SP2 installieren.

Dein nächstes Problem:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
Deshalb mache genau nach Anleitung:

http://www.trojaner-board.de/showthread.php?t=17492
Danke, hab jetzt mal eScan durchgeführt. Erst waren's 90 Viren, bei eScanCheck dann knapp 20. Nachdem die gelöscht waren, ist nur noch einer übriggeblieben. Nämlich der hier: c:\windows\system32\kgpfips.exe, das ist der Trojan.W32.Agent.ay und den bekomme ich nicht weg. Das Problem ist, ich kann immer noch keine Wallpaper festlegen. Ich bekomme immer noch einen weißen Hintergrund.
Zu dem Service Pack 2: Ich werde mir das mal zulegen, habe mich vorher immer dagegen gewehrt, weil ich dachte, dass es das System eher kaputt macht, als das Gegenteil.
Zu IE-Patches: Ich öffne den Internet Explorer so gut wie nie, deshalb brauche ich nicht unbedingt die patches. Ich benutze lieber Opera.

Alt 12.06.2005, 18:46   #8
Haui45
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Wenn du Hilfe willst, solltest du uns die Virus-Log-Information von eScan zur Verfügung stellen.

Auch wenn du den IE nicht benutzt, sollte er aktualisiert werden!

Alt 12.06.2005, 19:13   #9
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Zitat:
Zitat von Haui45
Wenn du Hilfe willst, solltest du uns die Virus-Log-Information von eScan zur Verfügung stellen.

Auch wenn du den IE nicht benutzt, sollte er aktualisiert werden!
Alles klar, werde ich auch einfach mal machen.
Hier der die Virus-Log-Information von eScan:
File C:\WINDOWS\system32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File c:\windows\system32\saie.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
File c:\windows\xcjsx.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\System32\spoolsrv32.exe tagged as "not-a-virus:AdWare.FindSpy.b". Action Taken: No Action Taken.
File C:\WINDOWS\svcproc.exe infected by "Trojan.Win32.Stervis.c" Virus! Action Taken: No Action Taken.
Object "BearShare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BearShare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BearShare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "SideFind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Bargain Buddy Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "VX2 Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "VX2 Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BetterInternet Adware" found in File System! Action Taken: No Action Taken.
Object "BetterInternet Adware" found in File System! Action Taken: No Action Taken.
Object "WhenU Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "sidefind Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BetterInternet Adware" found in File System! Action Taken: No Action Taken.
Object "BTGrab Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "DyFuCA Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "istbar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "180Solutions Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Gator Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Kazaa Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Search Bar Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "WebSiteViewer Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CoolWebSearch Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "updater Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "WhenU Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "CWS.xplugin Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "BTGrab Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "farmmext Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "farmmext Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\HDPlugin1019.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Symantec\SYMEVNT.386". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Symantec\S32EVNT1.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Symantec\SYMEVENT.SYS". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\VOB\ASAPI Update\IWuninstall.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Vicky\Eigene Dateien\Programm\Programm\vcljpg50.bpl". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Vicky\Eigene Dateien\Programm\Programm\VCLJPG50.DE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Vicky\Eigene Dateien\Programm\Programm\vclx50.bpl". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\xing shared\mpeg encode\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\HDPlugin1019.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\UltraEdit\Uninstall.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\AMR WinControl Demo\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\IEditP5.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\Info5.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\mpeg2dec.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\CinePlayer Editor\Player13.ocx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\SCANOST.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\SCANPST.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\MSPST32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\MSMAPI32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\EMSUI32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\MLCFG32.CPL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\CONTAB32.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\ML3XEC16.EXE". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\CNFNOT32.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{00000010-6F7D-442C-93E3-4A4827C2E4C8}" refers to invalid object "C:\WINDOWS\nem219.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0199DF25-9820-4bd5-9FEE-5A765AB4371E}" refers to invalid object "C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}" refers to invalid object "C:\Programme\QuickTime\QTPlugin.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{03A17019-E155-41F0-A864-F9A2569EF35C}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0896FB83-B445-11D0-A44B-444553540000}" refers to invalid object "C:\PROGRA~1\CINEPL~1\mpeg2dec.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0896FB84-B445-11D0-A44B-444553540000}" refers to invalid object "C:\PROGRA~1\CINEPL~1\mpeg2dec.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0C5D39B0-460B-11D4-ADE1-0050DACD3DB9}" refers to invalid object "C:\Programme\Musicmatch\Musicmatch Jukebox\MMRadioEngine.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{0F9561D0-03B2-44a3-89A6-E95E417CBA25}" refers to invalid object "C:\WINDOWS\cerbmod.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{112A1DCD-D67F-41A6-BCCE-A365D7041F63}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{12EA75C7-181F-45EB-8E8C-CD1D56FDD379}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{15A4B485-C261-45C2-AE3C-F6EA36467360}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1D1E7439-3992-40BE-B196-4EDAF80C3953}" refers to invalid object "H:\Antivirus-Profi-Paket\gdata.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1D8F02C8-4D92-4B65-8DE8-877FF4EBFA14}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1EF2E5CB-646F-4F85-A355-8E328652CA60}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{1EFD6A40-3999-11CF-9150-00AA0059F70D}" refers to invalid object "G:\Mashed\Mashed_MYTH\MCI32.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2294C466-0D91-4689-9762-C1E92CF079BB}" refers to invalid object "C:\Programme\Musicmatch\Musicmatch Jukebox\SkinMgr.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{22C47B61-CF66-43E0-8A83-E0A0422680C4}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{23AA6EBC-86AA-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{23AA6EBD-86AA-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{27855D52-0913-4F88-A8CC-343D374E7CC9}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2B716F74-B667-40E1-A09C-5A6ED67F6D4E}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2D81AE3B-A0ED-4E3B-B88F-D8D208E4D130}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2F199503-36AB-494B-B441-57CCE370D706}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2F42C693-C6A4-11D0-93E9-00AA0064D470}" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\ESCONF.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{307A779A-E642-4E78-953E-249129751D78}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3775D2E0-7C5D-11CF-899E-00AA00688B10}" refers to invalid object "G:\Mashed\Mashed_MYTH\MCI32.OCX". Action Taken: No Action Taken.

Alt 12.06.2005, 19:17   #10
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Entry "HKCR\CLSID\{399CB6C4-7312-11D2-B4D9-00105A0422DF}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\HHACTI~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3B974B6B-26DA-424D-973A-A97D60C1C017}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{3FA7DEB3-6438-101B-ACC1-00AA00423326}" refers to invalid object "C:\Programme\Gemeinsame Dateien\System\Mapi\1031\CDO.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{409CB1EB-4444-4951-BCB9-A21591B34F45}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{431468DB-675D-489A-BFCE-69922E9D3607}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3783-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3785-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3787-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{477A3789-2D4D-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4880A300-C5B7-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\PAINT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4A10F2F9-9825-48C1-A7FF-D34A450B8AFC}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4EC5E243-09BC-407F-8C8C-F47AD2D76758}" refers to invalid object "H:\Antivirus-Profi-Paket\ScanObjectBrowser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB}" refers to invalid object "C:\WINDOWS\System32\xplugin.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4F94DD5B-006A-4AB7-9C93-1C124D192561}" refers to invalid object "H:\Antivirus-Profi-Paket\LogShow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4FBDE340-0972-11CF-B1DD-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\GIZMO.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{4FBDE344-0972-11CF-B1DD-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\GIZMO.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{50398872-22FB-4A64-A9C4-0E9FC36311D4}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{53DA056A-69FF-43EB-BD82-9016FE97893B}" refers to invalid object "H:\Antivirus-Profi-Paket\LogShow.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{558EC983-BEDB-9168-B2DE-31DBF0EE543E}" refers to invalid object "C:\Programme\QuickTime\QTPlugin.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{5F00447B-8A10-46AE-BDA3-F95EE73769B8}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6458B171-6312-4584-8B1E-B1CAA7A60DFD}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{67C6D7A1-2BD5-11D4-9F43-005004450C82}" refers to invalid object "H:\Antivirus-Profi-Paket\AVKOff.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{68960C20-6605-4126-9D2A-81A8501A4023}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5DC-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5DD-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E0-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E1-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E4-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6B58B5E5-7405-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6EECCB0A-4BD1-421A-B72A-08C21DD6D9D0}" refers to invalid object "H:\Antivirus-Profi-Paket\ScanObjectBrowser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{735A1BE3-AA82-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPROOM.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{735A1BE4-AA82-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPROOM.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{80BB7465-A638-43B5-9827-8E8FE38DFCC1}" refers to invalid object "C:\WINDOWS\System32\jao.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{83DE62E0-5805-11D8-9B25-00E04C60FAF2}" refers to invalid object "C:\WINDOWS\2_0_1browserhelper2.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{84268CDA-5AE9-409C-94E9-B6FEB4B5A123}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{860B20E7-4EDA-11D4-A27F-00400516E636}" refers to invalid object "C:\Programme\Ping\grimping.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8656F959-2A54-4ADF-8849-F5BAF1EE4922}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}" refers to invalid object "C:\WINDOWS\wsem301.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{93FD3565-F27A-11CE-AD6D-0020AFEB8AB5}" refers to invalid object "C:\PROGRA~1\Mplayer\system\CHAT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{93FD3569-F27A-11CE-AD6D-0020AFEB8AB5}" refers to invalid object "C:\PROGRA~1\Mplayer\system\CHAT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{959F94FD-DD1E-11D2-B559-00105A0422DF}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\HHACTI~1.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{95B35A0B-F6E6-4705-A938-321E7DE86472}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9887C25D-CA98-4195-908E-60B8F868D32A}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9896231A-C487-43A5-8369-6EC9B0A96CC0}" refers to invalid object "C:\WINDOWS\System32\WStart.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}" refers to invalid object "C:\WINDOWS\System32\bridge.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{9F95F736-0F62-4214-A4B4-CAA6738D4C07}" refers to invalid object "C:\Programme\BearShare\RunMSC.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A5C36458-E11B-435D-8B0E-6C1FA215244E}" refers to invalid object "H:\Antivirus-Profi-Paket\GDIUpdt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A97BBEB0-2D4C-11D3-B244-444553540000}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\XINGSH~1\MPEGEN~1\xmencmp3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AAD57194-94F6-49CB-B6BE-1BFFF9BB797B}" refers to invalid object "H:\Antivirus-Profi-Paket\AVKPOPc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{ADC4FE5F-9ACA-4551-8AD1-7B1DEF9D6BE8}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{ADEABA31-BFEA-4E42-BAA7-1A092F646A3D}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AF000B40-4D4A-11D2-B504-0080ADB6438D}" refers to invalid object "C:\Programme\CinePlayer Editor\Player13.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AF833A9E-9CCF-4338-09A1-0D88E07ADEE7}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B379E453-4EA4-11D4-88D8-B63E205F9173}" refers to invalid object "C:\WINDOWS\System32\NCTAudioEditor.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B5ECE440-79DA-44E4-BD29-59328122E649}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B617F87F-1856-43BC-ADEB-C43922F7A575}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B8323370-FF27-11D2-97B6-204C4F4F5020}" refers to invalid object "C:\Programme\SmartFTP\smarthook.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261A-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261B-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261C-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261D-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261E-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B881261F-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A0-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A1-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A2-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{B88126A3-BDB3-11D0-B19E-00A0C91E29D8}" refers to invalid object "C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBSER~1\50\bin\FP5AWEC.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BB6BE882-C5CA-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\PAINT.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BBA00AB7-8434-49FA-8FDE-23A7B882CAA8}" refers to invalid object "C:\PROGRA~1\AMRWIN~1\Softlocx.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BCF96FB4-5F1B-497B-AECC-910304A55011}" refers to invalid object "C:\WINDOWS\neti.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{BD8A0455-29BA-43D8-A195-1D0AC9A6EAEC}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C0BAFD83-B1C8-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPPAGER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C0BAFD84-B1C8-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPPAGER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}" refers to invalid object "G:\Mashed\Mashed_MYTH\MCI32.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C3DB19A6-D5A2-11D2-8F58-00E02916007D}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\mmjbctrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{C5941EE5-6DFA-11D8-86B0-0002441A9695}" refers to invalid object "C:\WINDOWS\3_0_1browserhelper3.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CAF4C320-32F5-11D3-A222-004095200FF2}" refers to invalid object "H:\Antivirus-Profi-Paket\ShellExt.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF494-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\IEditP5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF495-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\IEditP5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF4AE-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\Info5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CB3AF4AF-5DE8-11D2-826B-0060971D6364}" refers to invalid object "C:\PROGRA~1\CINEPL~1\Info5.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CE0E7204-D82C-4273-8A70-919963F4CFE0}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1}" refers to invalid object "C:\PROGRA~1\BARGAI~1\bin\apuc.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{CEA206E8-8057-4A04-ACE9-FF0D69A92297}" refers to invalid object "C:\WINDOWS\wsem301.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D052A011-00FC-4854-8D5A-81B36A06D435}" refers to invalid object "C:\Programme\Ping\grimftp.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D326DC3B-8ADF-456A-B1B7-8A9E37704C60}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{D98CDB6F-6A57-4C74-88A4-348AB530D862}" refers to invalid object "H:\Antivirus-Profi-Paket\AskUser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DAE27546-4F73-41AE-A802-F5C4D7CD57BA}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DC06BAF1-D92A-45D0-B82B-9C7596B07E1A}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DEFADBC3-AF49-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPMEMBER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DEFADBC4-AF49-11D0-B1DE-0000C0289C9A}" refers to invalid object "C:\PROGRA~1\Mplayer\system\MPMEMBER.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DFBFC960-D71B-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\SOUND.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DFBFC964-D71B-11CE-AF7E-444553540000}" refers to invalid object "C:\PROGRA~1\Mplayer\system\SOUND.OCX". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E1B8D8A1-8F84-413F-BCAB-C0EC18CCEF69}" refers to invalid object "H:\Antivirus-Profi-Paket\MimeSniffer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{E2155772-45C4-44D1-9144-40A075908FFD}" refers to invalid object "H:\Antivirus-Profi-Paket\ScanObjectBrowser.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EFAC012B-2A65-4D0B-9237-ADBADD94DFE9}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{EFC25C6F-1A04-43FD-AB25-0F3ED89E050A}" refers to invalid object "C:\WINDOWS\System32\NCTAudioInformation.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F0FDBF9F-63BF-4BFB-A3DB-E7B7FCF3F7DE}" refers to invalid object "C:\Programme\Musicmatch\Musicmatch Jukebox\directorps.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F18175B4-A156-45D5-912E-0C1E4E82FAD5}" refers to invalid object "H:\Antivirus-Profi-Paket\SplitExplorer.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F1DD8F2C-1A49-40F0-9649-ACB3AB7AF86A}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F50B3F14-19C4-11CF-AA9A-02608C9BABA2}" refers to invalid object "C:\WINDOWS\System32\mpgdec.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F50B3F15-19C4-11CF-AA9A-02608C9BABA2}" refers to invalid object "C:\WINDOWS\System32\mpgdec.ax". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{F7B73562-60B6-4DEE-92B4-384F98A302FB}" refers to invalid object "C:\WINDOWS\System32\NCTAudioTransform.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FB215E25-F536-4B36-8262-ECF59601FAC1}" refers to invalid object "C:\PROGRA~1\MUSICM~1\MUSICM~1\MMFWCtrl.ocx". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{FC05EDBA-80CC-4CFC-87C7-0E15010F835A}" refers to invalid object "C:\WINDOWS\System32\NCTAudioTransform.dll". Action Taken: No Action Taken.
File C:\WINDOWS\itybcim.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
File C:\WINDOWS\qbqjyfpculi.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
File C:\WINDOWS\switpa.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\AcsProxy.dll tagged as "not-a-virus:AdWare.ToolBar.FWN.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
File C:\WINDOWS\System32\saiehook.dll tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
File C:\WINDOWS\System32\srchbar.dll tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
File C:\WINDOWS\System32\srpcsrv32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\Switp_bund_ar10.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\txfdb32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
File C:\WINDOWS\System32\unregister.exe tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.

PS: Ich musste 2 Seiten benutzen, da der Log zu lang war

Alt 12.06.2005, 19:22   #11
felix1
/// Helfer-Team
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Nutze bitte die in der Anleitung beschriebene Anwendung der Datei Find.bat.

Alt 12.06.2005, 19:50   #12
BrassMan
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Jun 12 18:59:29 2005 => File c:\windows\system32\kgpfips.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 18:59:36 2005 => File c:\windows\system32\kgpfips.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with BearShare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with BearShare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with BearShare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({40b1d454-9ca4-43cc-86aa-cb175eac52fb})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({1c01d150-91a4-4de0-9bf8-a35d1bdf1001})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({8f4e5661-f99e-4b3e-8d85-0ea71c0748e4})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({cea206e8-8057-4a04-ace9-ff0d69a92297})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({0be10b0d-b4db-4693-9b1f-9aead54d17dc})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({AA4939C3-DECA-4A48-A454-97CD587C0EF5})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with DyFuCA Spyware/Adware ({EEE4A2E5-9F56-432F-A6ED-F6F625B551E0})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({8cba1b49-8144-4721-a7b1-64c578c9eed7})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({58634367-d62b-4c2c-86be-5aac45cdb671})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({d0288a41-9855-4a9b-8316-babe243648da})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({339d8aff-0b42-4260-ad82-78ce605a9543})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({a36a5936-cfd9-4b41-86bd-319a1931887f})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with SideFind Spyware/Adware ({10e42047-deb9-4535-a118-b3f6ec39b807})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Bargain Buddy Spyware/Adware ({CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Bargain Buddy Spyware/Adware ({C6906A23-4717-4E1F-B6FD-F06EBED14177})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Bargain Buddy Spyware/Adware ({4EB7BBE8-2E15-424B-9DDB-2CDB9516A2A3})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with CoolWebSearch Spyware/Adware ({4f7681e5-6caf-478d-9cb8-4ca593bee7fb})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with CoolWebSearch Spyware/Adware ({ee79d398-aaaf-47b1-8c9e-11f7d4c9111b})! Action taken: No Action Taken.
Sun Jun 12 19:00:58 2005 => System found infected with CoolWebSearch Spyware/Adware ({ac3f36d4-f905-4fe9-a926-eb937e66f591})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with VX2 Spyware/Adware ({92daf5c1-2135-4e0c-b7a0-259abfcd3904})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with VX2 Spyware/Adware ({bb0d5adc-028d-4185-9288-722ddce2c757})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with BetterInternet Adware ({59EBB576-CEB0-42FA-9917-DA6254A275AD})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with BetterInternet Adware ({8E0D8965-B97B-468D-8306-A05929E439C1})! Action taken: No Action Taken.
Sun Jun 12 19:00:59 2005 => System found infected with WhenU Spyware/Adware (WUSE)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with CWS.xplugin Spyware/Adware (xplugin.dll)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with BTGrab Spyware/Adware (btgrab.inf)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with farmmext Spyware/Adware (farmmext.ini)! Action taken: No Action Taken.
Sun Jun 12 19:01:13 2005 => System found infected with farmmext Spyware/Adware (farmmext.inf)! Action taken: No Action Taken.
Sun Jun 12 19:05:23 2005 => Total Disinfected Files: 0
Sun Jun 12 19:57:10 2005 => File C:\WINDOWS\system32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:57:17 2005 => File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:57:32 2005 => File c:\windows\system32\bwouie.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:58:59 2005 => File C:\WINDOWS\svcproc.exe infected by "Trojan.Win32.Stervis.c" Virus! Action Taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with BearShare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with BearShare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with BearShare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({40b1d454-9ca4-43cc-86aa-cb175eac52fb})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({1c01d150-91a4-4de0-9bf8-a35d1bdf1001})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({8f4e5661-f99e-4b3e-8d85-0ea71c0748e4})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({cea206e8-8057-4a04-ace9-ff0d69a92297})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({0be10b0d-b4db-4693-9b1f-9aead54d17dc})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({AA4939C3-DECA-4A48-A454-97CD587C0EF5})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with DyFuCA Spyware/Adware ({EEE4A2E5-9F56-432F-A6ED-F6F625B551E0})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({8cba1b49-8144-4721-a7b1-64c578c9eed7})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({58634367-d62b-4c2c-86be-5aac45cdb671})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({d0288a41-9855-4a9b-8316-babe243648da})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({339d8aff-0b42-4260-ad82-78ce605a9543})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({a36a5936-cfd9-4b41-86bd-319a1931887f})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with SideFind Spyware/Adware ({10e42047-deb9-4535-a118-b3f6ec39b807})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with Bargain Buddy Spyware/Adware ({CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with Bargain Buddy Spyware/Adware ({C6906A23-4717-4E1F-B6FD-F06EBED14177})! Action taken: No Action Taken.
Sun Jun 12 19:59:03 2005 => System found infected with Bargain Buddy Spyware/Adware ({4EB7BBE8-2E15-424B-9DDB-2CDB9516A2A3})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with CoolWebSearch Spyware/Adware ({4f7681e5-6caf-478d-9cb8-4ca593bee7fb})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with CoolWebSearch Spyware/Adware ({ee79d398-aaaf-47b1-8c9e-11f7d4c9111b})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with CoolWebSearch Spyware/Adware ({ac3f36d4-f905-4fe9-a926-eb937e66f591})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with VX2 Spyware/Adware ({92daf5c1-2135-4e0c-b7a0-259abfcd3904})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with VX2 Spyware/Adware ({bb0d5adc-028d-4185-9288-722ddce2c757})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with BetterInternet Adware ({59EBB576-CEB0-42FA-9917-DA6254A275AD})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with BetterInternet Adware ({8E0D8965-B97B-468D-8306-A05929E439C1})! Action taken: No Action Taken.
Sun Jun 12 19:59:04 2005 => System found infected with WhenU Spyware/Adware (WUSE)! Action taken: No Action Taken.
Sun Jun 12 19:59:21 2005 => System found infected with CWS.xplugin Spyware/Adware (xplugin.dll)! Action taken: No Action Taken.
Sun Jun 12 19:59:22 2005 => System found infected with BTGrab Spyware/Adware (btgrab.inf)! Action taken: No Action Taken.
Sun Jun 12 19:59:22 2005 => System found infected with farmmext Spyware/Adware (farmmext.ini)! Action taken: No Action Taken.
Sun Jun 12 19:59:22 2005 => System found infected with farmmext Spyware/Adware (farmmext.inf)! Action taken: No Action Taken.
Sun Jun 12 20:01:05 2005 => File C:\WINDOWS\System32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.
Sun Jun 12 20:03:41 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Jun 12 18:59:32 2005 => File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 18:59:35 2005 => File c:\windows\system32\saie.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 18:59:35 2005 => File c:\windows\xcjsx.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 18:59:36 2005 => File C:\WINDOWS\System32\spoolsrv32.exe tagged as "not-a-virus:AdWare.FindSpy.b". Action Taken: No Action Taken.
Sun Jun 12 18:59:51 2005 => Scanning File C:\Dokumente und Einstellungen\BrassMan\Desktop\new tracks\MP 3\Death Row Unreleased & Rare Stuff\player\2Pac - Pac's Life (CDQ Untagged).mp3 [**]
Sun Jun 12 19:01:57 2005 => File C:\WINDOWS\itybcim.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
Sun Jun 12 19:02:00 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
Sun Jun 12 19:02:01 2005 => File C:\WINDOWS\qbqjyfpculi.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 19:02:03 2005 => File C:\WINDOWS\switpa.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 19:02:06 2005 => File C:\WINDOWS\System32\AcsProxy.dll tagged as "not-a-virus:AdWare.ToolBar.FWN.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:21 2005 => File C:\WINDOWS\System32\saiehook.dll tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 19:04:31 2005 => File C:\WINDOWS\System32\srchbar.dll tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
Sun Jun 12 19:04:31 2005 => File C:\WINDOWS\System32\srpcsrv32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:34 2005 => File C:\WINDOWS\System32\Switp_bund_ar10.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:40 2005 => File C:\WINDOWS\System32\txfdb32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 19:04:42 2005 => File C:\WINDOWS\System32\unregister.exe tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
Sun Jun 12 19:57:15 2005 => File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 19:57:27 2005 => File C:\WINDOWS\Bolger.dll tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 19:57:31 2005 => File c:\windows\system32\saie.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 19:57:31 2005 => File c:\windows\xcjsx.exe tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 19:57:32 2005 => File C:\WINDOWS\System32\spoolsrv32.exe tagged as "not-a-virus:AdWare.FindSpy.b". Action Taken: No Action Taken.
Sun Jun 12 19:57:49 2005 => Scanning File C:\Dokumente und Einstellungen\BrassMan\Desktop\new tracks\MP 3\Death Row Unreleased & Rare Stuff\player\2Pac - Pac's Life (CDQ Untagged).mp3 [**]
Sun Jun 12 20:00:26 2005 => File C:\WINDOWS\itybcim.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
Sun Jun 12 20:00:28 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
Sun Jun 12 20:00:29 2005 => File C:\WINDOWS\qbqjyfpculi.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Sun Jun 12 20:00:31 2005 => File C:\WINDOWS\switpa.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 20:00:33 2005 => File C:\WINDOWS\System32\AcsProxy.dll tagged as "not-a-virus:AdWare.ToolBar.FWN.a". Action Taken: No Action Taken.
Sun Jun 12 20:02:36 2005 => File C:\WINDOWS\System32\saiehook.dll tagged as "not-a-virus:AdWare.180Solutions". Action Taken: No Action Taken.
Sun Jun 12 20:02:50 2005 => File C:\WINDOWS\System32\srchbar.dll tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
Sun Jun 12 20:02:50 2005 => File C:\WINDOWS\System32\srpcsrv32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 20:02:53 2005 => File C:\WINDOWS\System32\Switp_bund_ar10.exe tagged as "not-a-virus:AdWare.Atlas.a". Action Taken: No Action Taken.
Sun Jun 12 20:03:00 2005 => File C:\WINDOWS\System32\txfdb32.dll tagged as "not-a-virus:AdWare.Xawm.a". Action Taken: No Action Taken.
Sun Jun 12 20:03:02 2005 => File C:\WINDOWS\System32\unregister.exe tagged as "not-a-virus:AdWare.ToolBar.VB.f". Action Taken: No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Jun 12 19:05:23 2005 => Total Virus(es) Found: 69
Sun Jun 12 20:03:41 2005 => Total Virus(es) Found: 73
Sun Jun 12 19:05:23 2005 => Total Errors: 181
Sun Jun 12 20:03:41 2005 => Total Errors: 180
Sun Jun 12 19:05:23 2005 => Time Elapsed: 00:07:39
Sun Jun 12 20:03:41 2005 => Time Elapsed: 00:06:46
Sun Jun 12 19:05:23 2005 => Total Objects Scanned: 14586
Sun Jun 12 20:03:41 2005 => Total Objects Scanned: 14714
Sun Jun 12 18:57:40 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 19:05:23 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 19:05:30 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 19:56:51 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 20:03:41 2005 => Virus Database Date: 2005/06/09
Sun Jun 12 20:18:02 2005 => Virus Database Date: 2005/06/09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

Alt 12.06.2005, 21:33   #13
Cidre
Administrator, a.D.
 
Hilfe bei Auswertung - Standard

Hilfe bei Auswertung



Hallo,

du hast eScan nicht gemäss der Anleitung ausgeführt. Scanne deshalb erneut dein System, aber lösche zuvor die mwav.log und stelle uns die Virus Log Information zur Verfügung.
__________________
Gruß, Cidre


Antwort

Themen zu Hilfe bei Auswertung
.dll, adobe, avkwctl.exe, c:\windows\system32\services.exe, einstellungen, explorer, file missing, hijack, hijackthis, iexplore.exe, internet, internet explorer, logfile, logon.exe, nvidia, object, opera.exe, prozesse, scan, services.exe, sicherheit, software, svchost.exe, system, temp, toolbars, urlsearchhook, viele viren, viren, windows, windows xp, winlogon.exe



Ähnliche Themen: Hilfe bei Auswertung


  1. Hilfe bei der Auswertung
    Log-Analyse und Auswertung - 28.02.2009 (1)
  2. Hilfe bei Auswertung
    Mülltonne - 17.10.2008 (0)
  3. Hilfe bei der Auswertung
    Log-Analyse und Auswertung - 05.09.2008 (16)
  4. Hilfe bei der Auswertung
    Mülltonne - 26.06.2008 (0)
  5. Auswertung und Hilfe
    Log-Analyse und Auswertung - 15.06.2008 (2)
  6. Hilfe bei HJT & RR Auswertung
    Log-Analyse und Auswertung - 18.02.2008 (4)
  7. Viren??Würmer..HILFE! Bitte um Hilfe bei der Auswertung meines hijackthis-log
    Mülltonne - 14.11.2007 (0)
  8. Hilfe bei Log-Auswertung
    Plagegeister aller Art und deren Bekämpfung - 21.08.2006 (1)
  9. Hilfe bei Auswertung
    Log-Analyse und Auswertung - 21.01.2006 (4)
  10. Hilfe bei der Auswertung
    Log-Analyse und Auswertung - 16.06.2005 (1)
  11. Hilfe! Auswertung
    Log-Analyse und Auswertung - 05.06.2005 (1)
  12. Hilfe bei Auswertung!!!
    Log-Analyse und Auswertung - 22.02.2005 (7)
  13. Hilfe bei Auswertung
    Log-Analyse und Auswertung - 12.02.2005 (4)
  14. Hilfe bei Auswertung
    Log-Analyse und Auswertung - 11.12.2004 (1)
  15. hilfe bei der auswertung
    Log-Analyse und Auswertung - 14.11.2004 (13)
  16. Hilfe bei Auswertung
    Log-Analyse und Auswertung - 19.09.2004 (4)
  17. Hilfe bei Log-Auswertung
    Log-Analyse und Auswertung - 26.08.2004 (2)

Zum Thema Hilfe bei Auswertung - Ich habe mir mittlerweile mit Sicherheit verdammt viele Viren und Würmer eingefangen, die ich nicht wegbekomme. Nun habe ich von HijackThis gehört und wollte das mal testen. Zum Beispiel hab - Hilfe bei Auswertung...
Archiv
Du betrachtest: Hilfe bei Auswertung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.