Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Kann es einer anschauen... (https://www.trojaner-board.de/22337-anschauen.html)

Greko 01.10.2005 06:27
Kann es einer anschauen...
 
ich habe die vermutung, dass ich bei meiner Rechner Viren habe.. laut eScan waren 97 Dateien infiziert..

Hier erstmal mein HiJackThis File...

Logfile of HijackThis v1.99.1
Scan saved at 07:27:20, on 01.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\mHotkey.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Dit.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\program files\altnet\points manager\points manager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\Programme\CA\eTrust Antivirus\InoRpc.exe
C:\Programme\CA\eTrust Antivirus\InoRT.exe
C:\Programme\CA\eTrust Antivirus\InoTask.exe
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\PROGRA~1\CA\SHARED~1\SCANEN~1\InoDist.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ISW\alice\signup\connctas.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\ISW\alice\signup\Tray.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\Osman\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.alice-dsl.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.alice-dsl.de
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: InstaFinderK - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [KAZAA] C:\Programme\Kazaa\kazaa.exe /SYSTRAY
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://h**p://ky.bar.need2find.com/K...arch.html?p=KY
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=h**p://www.msn.de/
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - h**p://software-dl.real.com/23ea10ffae3267990f05/netzip/RdxIE601_de.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093861551859
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F7A2EE1-611A-4BFF-A98B-A81055FF841F}: NameServer = 213.191.74.11 213.191.92.82
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programme\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


Und hier ist eScan Logfile: (infected)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Fri Sep 30 21:37:13 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({1d3bce37-7834-4579-8169-e67681420a98})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({1d6711c8-7154-40bb-8380-3dea45b69cbf})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with mybar Spyware/Adware ({3646c2bd-3554-49ca-8125-44deefb881de})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with mybar Spyware/Adware ({3f4d4f88-0198-4921-b630-957f3eb814e0})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with need2find bar Spyware/Adware ({4d1c4e81-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with netster Spyware/Adware ({56336bcb-3d8a-11d6-a00b-0050da18de71})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with altnetbde Spyware/Adware ({9bbcf06c-dcd7-495d-80df-cdd5399d0ff8})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({c15b7ea2-a360-43e8-a591-5faedc7c4e1d})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({c91e8926-d4be-4685-99f4-0d996b96bac0})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with p2p networking Spyware/Adware ({cc7a6223-3759-4075-8cea-971f5cfc0ed2})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({def37997-d9c9-4a4b-bf3c-88f99eaceec2})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with need2find bar Spyware/Adware ({4d1c4e81-a32a-416b-bcdb-33b3ef3617d3})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({1d6711c8-7154-40bb-8380-3dea45b69cbf})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with netster Spyware/Adware ({56336bcb-3d8a-11d6-a00b-0050da18de71})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Sep 30 21:37:13 2005 => System found infected with kazaa Spyware/Adware ({99a8e2b2-3405-4c0d-9110-131c14caaf62})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with p2p networking Spyware/Adware ({f720b40f-3a38-4b22-b30d-dcf095d42498})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({16097036-894c-4c00-a61f-93ca0d49a70e})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({1b540d44-3f61-4394-ae30-25fdc3649405})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({258a3625-183b-4477-aee2-ea54df6d878d})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({29e825aa-13bc-457c-806a-d72e4a25b3c5})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({2ed5af98-9258-45ba-b79b-06625c92f662})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({700dc0dd-f409-42e0-9de5-21ee1a2ba9fd})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({9d4548ce-92fd-4c6c-ae7f-3dbe3bc763d8})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with altnetbde Spyware/Adware ({ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with kazaa Spyware/Adware ({c91e8926-d4be-4685-99f4-0d996b96bac0})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({ce9b37ec-d243-47a2-83db-3a8350175193})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({d273d427-57c6-4b12-860f-bbb8195f6e2a})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({e79dadc6-18d0-4a2a-831f-d196d41f8438})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with altnetbde Spyware/Adware ({e813099d-5529-47f4-9b37-4afafcb00a43})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with cydoor.topicks.a Spyware/Adware ({fd42f6d3-7ab1-470c-979b-7996edc99099})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with altnetbde Spyware/Adware ({8b0fef15-54dc-49f5-8377-8172de975f75})! Action taken: No Action Taken.
Fri Sep 30 21:38:19 2005 => System found infected with kazaa Spyware/Adware ({99a8e2b2-3405-4c0d-9110-131c14caaf62})! Action taken: No Action Taken.
Fri Sep 30 21:38:22 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
Fri Sep 30 21:38:22 2005 => System found infected with p2p networking Spyware/Adware (webp2pinstaller.dll)! Action taken: No Action Taken.
Fri Sep 30 21:38:23 2005 => System found infected with cydoor Spyware/Adware (cd_clint.dll)! Action taken: No Action Taken.
Fri Sep 30 21:38:24 2005 => System found infected with p2p networking Spyware/Adware (p2p networking v126.cpl)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with cws.therealsearch Spyware/Adware (waol.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Fri Sep 30 21:38:26 2005 => System found infected with cws.therealsearch Spyware/Adware (waol.exe)! Action taken: No Action Taken.
Fri Sep 30 22:23:53 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\curing_an_infected_file_after_a_scan.html
Fri Sep 30 22:23:53 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\deleting_an_infected_file_after_a_scan.html
Fri Sep 30 22:23:58 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\infected_files.html
Fri Sep 30 22:23:58 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\infected_files_02.html
Fri Sep 30 22:23:58 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\infected_object.html
Fri Sep 30 22:24:00 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\moving_an_infected_file_after_a_scan.html
Fri Sep 30 22:24:07 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\remove_infected_macros.html
Fri Sep 30 22:24:08 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\renaming_an_infected_file_after_a_scan.html
Fri Sep 30 22:24:10 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\send_infected_files_only.html
Fri Sep 30 22:24:15 2005 => Scanning File C:\Programme\CA\eTrust Antivirus\Lang\German\Help\inocit\viewing_details_about_an_infected_file.html
Fri Sep 30 23:54:48 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Fri Sep 30 21:36:39 2005 => File C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL tagged as "not-a-virus:AdWare.Win32.MySearch.e". Action Taken: No Action Taken.
Fri Sep 30 21:36:39 2005 => File C:\Programme\INSTAFINK\instafink.dll tagged as "not-a-virus:AdWare.Win32.404Search.h". Action Taken: No Action Taken.
Fri Sep 30 21:36:50 2005 => File c:\PROGRA~2\altnet\POINTS~1\POINTS~1.EXE tagged as "not-a-virus:AdWare.Win32.Altnet.h". Action Taken: No Action Taken.
Fri Sep 30 22:01:32 2005 => File C:\Dokumente und Einstellungen\Yusuf\Lokale Einstellungen\Temp\asmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.l". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\adm25.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\adm4.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\adm4005.exe tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\admdloader.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.3039". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\admfdi.dll tagged as "not-a-virus:AdWare.Win32.Altnet.j". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\admprog.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 22:15:30 2005 => File C:\Program Files\Altnet\Download Manager\altnetuninstall.exe tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken.
Fri Sep 30 22:15:31 2005 => File C:\Program Files\Altnet\Download Manager\asm.exe tagged as "not-a-virus:AdWare.Win32.Altnet.l". Action Taken: No Action Taken.
Fri Sep 30 22:15:31 2005 => File C:\Program Files\Altnet\Download Manager\asmps.dll tagged as "not-a-virus:AdWare.Win32.Altnet.b". Action Taken: No Action Taken.
Fri Sep 30 22:15:34 2005 => File C:\Program Files\Altnet\Points Manager\sysdetect.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.1007". Action Taken: No Action Taken.
Fri Sep 30 22:42:19 2005 => File C:\Programme\INSTAFINK\InstaFinderK_inst.exe tagged as "not-a-virus:AdWare.Win32.404Search.h". Action Taken: No Action Taken.
Fri Sep 30 22:42:43 2005 => File C:\Programme\Kazaa\TopSearch.dll tagged as "not-a-virus:AdWare.Win32.Altnet.d". Action Taken: No Action Taken.
Fri Sep 30 23:09:19 2005 => File C:\Programme\Need2Find\bar\1.bin\N2PLUGIN.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.l". Action Taken: No Action Taken.
Fri Sep 30 23:09:19 2005 => File C:\Programme\Need2Find\bar\1.bin\NPND2FN.DLL tagged as "not-a-virus:AdWare.Win32.MyWebSearch.o". Action Taken: No Action Taken.
Fri Sep 30 23:32:26 2005 => File C:\WINDOWS\system32\cd_clint.dll tagged as "not-a-virus:AdWare.Win32.Cydoor". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Adware\InstaFinderK_inst.exe tagged as "not-a-virus:AdWare.Win32.404Search.h". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Altnet\adm25.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:05 2005 => File C:\WINDOWS\Temp\Altnet\adm4.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\admdloader.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.3039". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\admfdi.dll tagged as "not-a-virus:AdWare.Win32.Altnet.j". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\admprog.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\dmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken.
Fri Sep 30 23:42:06 2005 => File C:\WINDOWS\Temp\Altnet\mysearch.cab tagged as "not-a-virus:AdWare.Win32.MyWebSearch.o". Action Taken: No Action Taken.
Fri Sep 30 23:42:07 2005 => File C:\WINDOWS\Temp\Altnet\pmexe.cab tagged as "not-a-virus:AdWare.Win32.Altnet.h". Action Taken: No Action Taken.
Fri Sep 30 23:42:07 2005 => File C:\WINDOWS\Temp\Altnet\pmfiles.cab tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.1007". Action Taken: No Action Taken.
Fri Sep 30 23:42:07 2005 => File C:\WINDOWS\Temp\Altnet\Setup.exe tagged as "not-a-virus:AdWare.Win32.Altnet.b". Action Taken: No Action Taken.
Fri Sep 30 23:42:42 2005 => File D:\Remote\TWD.zip tagged as not-a-virus:RemoteAdmin.Win32.RA.51122. No Action Taken.
Fri Sep 30 23:42:42 2005 => File D:\Remote\_FUNZT_TWD Remote Anything 5.11.2\install\Master.exe tagged as not-a-virus:RemoteAdmin.Win32.RA.51122. No Action Taken.
Fri Sep 30 23:42:42 2005 => File D:\Remote\_FUNZT_TWD Remote Anything 5.11.2\install\player.exe tagged as not-a-virus:RemoteAdmin.Win32.RA.2929. No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\instafink !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\p2p networking !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\magnet\handlers\kazaa !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\altnet !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\cydoor !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\gator.com !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\kazaa !!!
Fri Sep 30 21:38:21 2005 => Offending Key found: HKLM\Software\p2p networking !!!
Fri Sep 30 21:38:21 2005 => Offending Folder found: C:\WINDOWS\cache329
Fri Sep 30 21:38:22 2005 => Offending file found: C:\WINDOWS\smdat32a.sys
Fri Sep 30 21:38:22 2005 => Offending file found: C:\WINDOWS\DOWNLO~1\webp2pinstaller.dll
Fri Sep 30 21:38:22 2005 => Offending Folder found: C:\WINDOWS\TEMP\adware
Fri Sep 30 21:38:22 2005 => Offending Folder found: C:\WINDOWS\TEMP\altnet
Fri Sep 30 21:38:23 2005 => Offending Folder found: C:\WINDOWS\system32\adcache
Fri Sep 30 21:38:23 2005 => Offending file found: C:\WINDOWS\system32\cd_clint.dll
Fri Sep 30 21:38:24 2005 => Offending Folder found: C:\WINDOWS\system32\p2p networking
Fri Sep 30 21:38:24 2005 => Offending file found: C:\WINDOWS\system32\p2p networking v126.cpl
Fri Sep 30 21:38:24 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\aol\c_aol 9.0\shopassist\apps\toolbar
Fri Sep 30 23:54:48 2005 => Total Virus(es) Found: 97
Fri Sep 30 23:54:48 2005 => Total Errors: 160
Fri Sep 30 23:54:48 2005 => Time Elapsed: 02:18:33
Fri Sep 30 23:54:48 2005 => Total Objects Scanned: 127402
Fri Sep 30 21:35:38 2005 => Virus Database Date: 2005/09/30
Fri Sep 30 21:35:49 2005 => Virus Database Date: 2005/09/30
Fri Sep 30 23:54:48 2005 => Virus Database Date: 2005/09/30
Sat Oct 01 07:15:34 2005 => Virus Database Date: 2005/09/30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~



Danke für die Hilfe...

Greko

Rene-gad 01.10.2005 08:43
@Greko
Erstmal deinstalliere Kazaa & Co, dann lasse AdAware und Spybot Search & Destroy laufen, dann wiederhole eScan.


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:04 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131