Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Bitte um Auswertung.... BDS/Agent.AY (https://www.trojaner-board.de/20078-bitte-um-auswertung-bds-agent-ay.html)

Boersianer 22.07.2005 13:54
Bitte um Auswertung.... BDS/Agent.AY
 
Logfile of HijackThis v1.99.1
Scan saved at 14:35:59, on 22.07.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Borland\Interbase\Bin\IBGuard.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\Programme\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TOBITA~1\TAVFDSrv.EXE
C:\Programme\Borland\Interbase\Bin\IBServer.exe
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programme\Analog Devices\SoundMAX\Smax4.exe
C:\Programme\Intel\Intel(R) Active Monitor\imontray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\Tobit AntiVirus For Desktops\TAVfD.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Program Files\Altnet\Points Manager\Points Manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\Programme\Gemeinsame Dateien\Sonic Shared\cinetray.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\TEAM-LOG2\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programme\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programme\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Programme\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Tobit AntiVirus for Desktops] C:\Programme\Tobit AntiVirus For Desktops\TAVfD.exe -HIDE
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\Kazaa.exe /SYSTRAY
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Startup: Sonic CinePlayer Quick Launch.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Programme\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZCxdm538YYDE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...p1.0.0.8-2.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BC26CD9-6A96-4398-999B-306B21D8FB36}: NameServer = 192.168.0.99
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Programme\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Interbase Guardian (InterbaseGuardian) - FirebirdSQL Project - C:\Programme\Borland\Interbase\Bin\IBGuard.EXE
O23 - Service: Interbase Sever (InterbaseServer) - FirebirdSQL Project - C:\Programme\Borland\Interbase\Bin\IBServer.exe
O23 - Service: McShield (Mcshield) - Unknown owner - C:\Programme\Gemeinsame Dateien\McAfee\McShield\Mcshield.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Tobit AntiVirus for Desktops Service (TAVFDService) - Tobit Software - C:\PROGRA~1\TOBITA~1\TAVFDSrv.EXE

Danke schön im voraus!!!!!!!!!!!!!!!

felix1 22.07.2005 14:54
Um zu wissen, welche Dateien infiziert sind, mache genau nach Anleitung:
http://www.trojaner-board.de/showthread.php?t=17492

Sowas kann schnell mal beim Herumeseln passieren.

Boersianer 23.07.2005 12:28
So hab e-Scan mal drüber laufen lassen, hier die Funde mit infect:

Fri Jul 22 16:15:08 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)!
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({9bbcf06c-dcd7-495d-80df-cdd5399d0ff8})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware ({ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb})! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (adm4.adm4)! Action taken: No Action Taken.
Fri Jul 22 16:15:08 2005 => System found infected with altnetbde Spyware/Adware (adm25.adm25)! Action taken: No Action Taken.
2005 => System found infected with funweb Spyware/Adware ({CFF4CE82-3AA2-451F-9B77-7165605FB835})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({B813095C-81C0-4E40-AA14-67520372B987})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({147A976F-EEE1-4377-8EA7-4716E4CDD239})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({0F8ECF4F-3646-4C3A-8881-8E138FFCAF70})! Action taken: No Action Taken.
Fri Jul 22 16:15:12 2005 => System found infected with funweb Spyware/Adware ({00A6FAF6-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:15:13 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken.
Fri Jul 22 16:15:13 2005 => System found infected with gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
Fri Jul 22 16:15:13 2005 => System found infected with ibis Spyware/Adware ({1d4db7d2-6ec9-47a3-bd87-1e41684e07bb})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({0494D0D1-F8E0-41ad-92A3-14154ECE70AC})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({3646C2BD-3554-49CA-8125-44DEEFB881DE})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mybar Spyware/Adware ({3f4d4f88-0198-4921-b630-957f3eb814e0})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware (MyWebSearch Email Plugin.lnk)! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware (f3initialsetup1.0.0.8-2.inf)! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({ADB01E81-3C79-4272-A0F1-7B2BE7A782DC})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({9FF05104-B030-46FC-94B8-81276E4E27DF})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({938AA51A-996C-4884-98CE-80DD16A5C9DA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({7473D292-B7BB-4f24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({F42228FB-E84E-479E-B922-FBBD096E792C})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({7473D290-B7BB-4F24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({29D67D3C-509A-4544-903F-C8C1B8236554})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA1-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAA-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAC-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2B-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2D-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({00A6FAF1-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA0-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({8E6F1830-9607-4440-8530-13BE7C4B1D14})! Action taken: No Action Taken.
Fri Jul 22 16:15:15 2005 => System found infected with mywebsearch Spyware/Adware ({E47CAEE0-DEEA-464A-9326-3F2801535A4D})! Action taken: No Action Taken.
Fri Jul 22 16:15:17 2005 => System found infected with webp2p Spyware/Adware ({1D6711C8-7154-40BB-8380-3DEA45B69CBF})! Action taken: No Action Taken.
Fri Jul 22 16:19:58 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Fri Jul 22 16:34:08 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Jul 22 16:34:08 2005 => System found infected with altnetbde Spyware/Adware ({9bbcf06c-dcd7-495d-80df-cdd5399d0ff8})! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware ({ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb})! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware (adm4.adm4)! Action taken: No Action Taken.
Fri Jul 22 16:34:09 2005 => System found infected with altnetbde Spyware/Adware (adm25.adm25)! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({CFF4CE82-3AA2-451F-9B77-7165605FB835})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({B813095C-81C0-4E40-AA14-67520372B987})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({147A976F-EEE1-4377-8EA7-4716E4CDD239})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({0F8ECF4F-3646-4C3A-8881-8E138FFCAF70})! Action taken: No Action Taken.
Fri Jul 22 16:34:30 2005 => System found infected with funweb Spyware/Adware ({00A6FAF6-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:34:32 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken.
Fri Jul 22 16:34:33 2005 => System found infected with gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
Fri Jul 22 16:34:36 2005 => System found infected with ibis Spyware/Adware ({1d4db7d2-6ec9-47a3-bd87-1e41684e07bb})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({0494D0D1-F8E0-41ad-92A3-14154ECE70AC})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({3646C2BD-3554-49CA-8125-44DEEFB881DE})! Action taken: No Action Taken.
Fri Jul 22 16:34:46 2005 => System found infected with mybar Spyware/Adware ({3f4d4f88-0198-4921-b630-957f3eb814e0})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware (MyWebSearch Email Plugin.lnk)! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware (f3initialsetup1.0.0.8-2.inf)! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({ADB01E81-3C79-4272-A0F1-7B2BE7A782DC})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({9FF05104-B030-46FC-94B8-81276E4E27DF})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({938AA51A-996C-4884-98CE-80DD16A5C9DA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({7473D292-B7BB-4f24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({F42228FB-E84E-479E-B922-FBBD096E792C})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({7473D290-B7BB-4F24-AE82-7E2CE94BB6A9})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({29D67D3C-509A-4544-903F-C8C1B8236554})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA1-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAA-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EAC-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2B-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({63D0ED2D-B45B-4458-8B3B-60C69BBBD83C})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({00A6FAF1-072E-44cf-8957-5838F569A31D})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({07B18EA0-A523-4961-B6BB-170DE4475CCA})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({8E6F1830-9607-4440-8530-13BE7C4B1D14})! Action taken: No Action Taken.
Fri Jul 22 16:34:47 2005 => System found infected with mywebsearch Spyware/Adware ({E47CAEE0-DEEA-464A-9326-3F2801535A4D})! Action taken: No Action Taken.
Fri Jul 22 16:34:58 2005 => System found infected with webp2p Spyware/Adware ({1D6711C8-7154-40BB-8380-3DEA45B69CBF})! Action taken: No Action Taken.
Fri Jul 22 16:48:43 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*

Fri Jul 22 17:42:02 2005 => ***** Scanning complete. *****

Fri Jul 22 17:42:02 2005 => Total Objects Scanned: 40793
Fri Jul 22 17:42:02 2005 => Total Virus(es) Found: 94
Fri Jul 22 17:42:02 2005 => Total Disinfected Files: 0
Fri Jul 22 17:42:02 2005 => Total Files Renamed: 0
Fri Jul 22 17:42:02 2005 => Total Deleted Objects: 0
Fri Jul 22 17:42:02 2005 => Total Errors: 54
Fri Jul 22 17:42:02 2005 => Time Elapsed: 01:09:01
Fri Jul 22 17:42:02 2005 => Virus Database Date: 2005/07/22
Fri Jul 22 17:42:02 2005 => Virus Database Count: 139351

Fri Jul 22 17:42:02 2005 => Scan Completed.

felix1 23.07.2005 17:27
Lade und update Ad-aware und lasse das Programm laufen.
http://www.lavasoft.de/support/download/
Update Spybot und lasse auch das durchlaufen.
Anschließend nochmal einen escan und hier posten.

Bezüglich dieser Sachen würde ich mir schon Gedanken machen:
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\Kazaa.exe /SYSTRAY
Aber wers braucht?

Boersianer 25.07.2005 12:49
Auf ein Neues, jetzt sind es schon mal nicht ganz so viele!!!


Mon Jul 25 11:18:31 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Mon Jul 25 11:18:31 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Mon Jul 25 11:18:31 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Mon Jul 25 11:19:20 2005 => System found infected with webp2p Spyware/Adware ({1D6711C8-7154-40BB-8380-3DEA45B69CBF})! Action taken: No Action Taken.
Mon Jul 25 11:27:48 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*

Mon Jul 25 11:51:46 2005 => File C:\WINDOWS\system32\f3PSSavr.scr tagged as "not-a-virus:AdWare.ToolBar.MyWebSearch". Action Taken: No Action Taken.
Mon Jul 25 11:30:32 2005 => File C:\Programme\Kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Altnet.d". Action Taken: No Action Taken.



Mon Jul 25 11:55:14 2005 => ***** Scanning complete. *****

Mon Jul 25 11:55:14 2005 => Total Objects Scanned: 40793
Mon Jul 25 11:55:14 2005 => Total Virus(es) Found: 9
Mon Jul 25 11:55:14 2005 => Total Disinfected Files: 0
Mon Jul 25 11:55:14 2005 => Total Files Renamed: 0
Mon Jul 25 11:55:14 2005 => Total Deleted Objects: 0
Mon Jul 25 11:55:14 2005 => Total Errors: 191
Mon Jul 25 11:55:14 2005 => Time Elapsed: 00:44:16
Mon Jul 25 11:55:14 2005 => Virus Database Date: 2005/07/22
Mon Jul 25 11:55:14 2005 => Virus Database Count: 139351

Mon Jul 25 11:55:14 2005 => Scan Completed.

Mon Jul 25 13:44:11 2005 => Virus Database Date: 2005/07/22
Mon Jul 25 13:44:11 2005 => Virus Database Count: 139351
Mon Jul 25 13:44:14 2005 => AV Library Unloaded (3)...

felix1 25.07.2005 13:58
Lese das durch und führe aus:
http://www.trojaner-board.de/showthread.php?t=16382


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:47 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131