Tue Jun 21 15:23:37 2005 => File C:\DOKUME~1\MEIKEB~1\LOKALE~1\TEMPOR~1\Content.IE5\M98FA525\svcproc[1].exe infected by "Trojan.Win32.Stervis.c" Virus! Action Taken: No Action Taken.



Tue Jun 21 15:23:58 2005 => File C:\DOKUME~1\MEIKEB~1\LOKALE~1\TEMPOR~1\Content.IE5\O1SRKNSB\x[1].exe infected by "Trojan.Win32.Dialer.gd" Virus! Action Taken: No Action Taken.

Tue Jun 21 15:23:50 2005 => File C:\DOKUME~1\MEIKEB~1\LOKALE~1\TEMPOR~1\Content.IE5\O1SRKNSB\Poller[1].exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.

Tue Jun 21 15:23:37 2005 => File C:\DOKUME~1\MEIKEB~1\LOKALE~1\TEMPOR~1\Content.IE5\M98FA525\svcproc[1].exe infected by "Trojan.Win32.Stervis.c" Virus! Action Taken: No Action Taken.

Tue Jun 21 15:22:56 2005 => File C:\DOKUME~1\MEIKEB~1\LOKALE~1\TEMPOR~1\Content.IE5\C5Y7412J\pdp[1].exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.

Tue Jun 21 15:19:43 2005 => File C:\WINDOWS\System32\pxpcya64.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.

Tue Jun 21 15:18:35 2005 => File C:\WINDOWS\System32\drv2cltr.dll infected by "Trojan-PSW.Win32.Agent.am" Virus! Action Taken: No Action Taken.


Tue Jun 21 15:18:35 2005 => File C:\WINDOWS\System32\DrPMon.dll infected by "Trojan.Win32.Agent.db" Virus! Action Taken: No Action Taken.


Tue Jun 21 15:18:09 2005 => File C:\WINDOWS\System32\alrldl.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.

Tue Jun 21 15:18:05 2005 => File C:\WINDOWS\rrgaihqmtb.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.

Tue Jun 21 15:18:04 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.

Tue Jun 21 15:18:02 2005 => File C:\WINDOWS\eqxzxl.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.

Tue Jun 21 15:17:09 2005 => ***** Scanning Registry for errors created because of Adware/Spyware *****
Tue Jun 21 15:17:10 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\web_mediumtrust.config.default". Action Taken: No Action Taken.

Tue Jun 21 15:17:10 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\web_minimaltrust.config.default". Action Taken: No Action Taken.

Tue Jun 21 15:17:10 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\web_minimaltrust.config". Action Taken: No Action Taken.

Tue Jun 21 15:17:10 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\XPThemes.manifest". Action Taken: No Action Taken.

Tue Jun 21 15:17:14 2005 => Entry "HKCR\CLSID\{14FFF5DC-FEAA-6F7E-07E1-909D9649D408}" refers to invalid object "TemplateDongle.dll". Action Taken: No Action Taken.

Tue Jun 21 15:17:25 2005 => Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.

Tue Jun 21 15:17:27 2005 => Entry "HKCR\CLSID\{AF8BA81F-D419-44C5-B252-CDEF9942CDFE}" refers to invalid object "vr_sys.dll". Action Taken: No Action Taken.

Tue Jun 21 15:17:32 2005 => Entry "HKCR\CLSID\{E6FB14A3-3332-4812-BC84-B4BD90D4139A}" refers to invalid object "C:\WINDOWS\System32\afppz.dll". Action Taken: No Action Taken.

Tue Jun 21 15:17:38 2005 => Entry "HKCR\ActMsg.Session" refers to invalid object "{3FA7DEB3-6438-101B-ACC1-00AA00423326}". Action Taken: No Action Taken.

Tue Jun 21 15:17:41 2005 => Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.

Tue Jun 21 15:17:41 2005 => Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.

Tue Jun 21 15:17:44 2005 => Entry "HKCR\DSP.DSP" refers to invalid object "{9C123EA9-AEC9-4f75-BBC0-7565FA1398966}". Action Taken: No Action Taken.

Tue Jun 21 15:17:44 2005 => Entry "HKCR\DSP.DSPDMOProp_Chorus.1" refers to invalid object "{6F63B172-5543-4593-91CE-EDBA65B9FACDB}". Action Taken: No Action Taken.

Tue Jun 21 15:17:49 2005 => Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.

Tue Jun 21 15:17:49 2005 => Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.

Tue Jun 21 15:17:49 2005 => Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.

Tue Jun 21 15:17:54 2005 => Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.

Tue Jun 21 15:17:54 2005 => Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.

Tue Jun 21 15:17:57 2005 => Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken.

Tue Jun 21 15:18:00 2005 => Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.

Tue Jun 21 15:18:00 2005 => Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.


Tue Jun 21 15:15:58 2005 => ***** Scanning Registry and File system for Adware/Spyware *****
Tue Jun 21 15:16:00 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Tue Jun 21 15:16:00 2005 => Object "Alexa Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue Jun 21 15:16:17 2005 => Offending value found in HKLM\Software\microsoft\downloadmanager !!!
Tue Jun 21 15:16:17 2005 => Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue Jun 21 15:15:55 2005 => File C:\WINDOWS\svcproc.exe infected by "Trojan.Win32.Stervis.c" Virus! Action Taken: No Action Taken.


Tue Jun 21 15:15:46 2005 => ERROR!!! Invalid Entry %SystemRoot%\System32\Ati2evx in SYSTEM\CurrentControlSet\Services\Ati HotKey Poller...

Tue Jun 21 15:15:44 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Tue Jun 21 15:15:44 2005 => Scanning File C:\WINDOWS\System32\ctfmon.exe
Tue Jun 21 15:15:44 2005 => Scanning File C:\Programme\Messenger\msmsgs.exe
Tue Jun 21 15:15:44 2005 => ERROR!!! Invalid Entry WareOut = "C:\Programme\WareOut\WareOut.exe" (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Tue Jun 21 15:15:44 2005 => ERROR!!! Invalid Entry wupd = C:\WINDOWS\System32\win32.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Tue Jun 21 15:15:44 2005 => ERROR!!! Invalid Entry NSYSCPLSTR = corrida.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Tue Jun 21 15:15:44 2005 => ERROR!!! Invalid Entry SAPSTR = LOPTCON.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Tue Jun 21 15:15:44 2005 => ERROR!!! Invalid Entry WTFCTF = SysEntry.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.


Tue Jun 21 15:15:44 2005 => File c:\windows\system32\zolful.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.

Tue Jun 21 15:15:43 2005 => ERROR!!! Invalid Entry driver64 = iesetupdll.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Tue Jun 21 15:15:43 2005 => ERROR!!! Invalid Entry UserSp1 = NopeZ.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.

Tue Jun 21 15:15:31 2005 => File C:\WINDOWS\q287968_disk.dll infected by "Trojan-Downloader.Win32.Delf.pa" Virus! Action Taken: No Action Taken.


Tue Jun 21 15:15:31 2005 => ERROR!!! Invalid Entry = C:\WINDOWS\System32\afppz.dll (in key Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{E6FB14A3-3332-4812-BC84-B4BD90D4139A}). No Action Taken.

Tue Jun 21 15:15:30 2005 => ERROR!!! Invalid Entry System = vr_sys.dll (in key SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad). No Action Taken.

Tue Jun 21 15:15:25 2005 => File c:\windows\system32\zolful.exe infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken.

Tue Jun 21 15:15:18 2005 => File C:\WINDOWS\q287968_disk.dll infected by "Trojan-Downloader.Win32.Delf.pa" Virus! Action Taken: No Action Taken.

Eine Lösung findest du hier.

Warum:
http://www.sophos.de/virusinfo/analy...ojagentdb.html

Zitat:

Nebeneffekte
Ermöglicht Dritten den Zugriff auf den Computer

Mit anderen Worten ich muss meinen Rechner neu konfigurieren?

Zitat:

Zitat von meike

Mit anderen Worten ich muss meinen Rechner neu konfigurieren?

Mit anderen Worten:
Du musst das System plattmachen, neu aufsetzen und dann vernünftig konfigurieren.