Trojaner-Board


DampKring 14.11.2005 12:41

Another cry for help

Hello there,

I'm asking you for help once again, because my machine simply no longer does what I want, and I absolutely want to avoid a format C.

My problem is that it tells me I no longer have admin rights; I can't delete programs or install new ones. I ran HijackThis and fixed everything I could fix. But some of the nasty things ignore that :mad:

At the moment the whole thing looks like this:
http://www.hijackthis.de/logfiles/54...dfe3aab94.html

Please, please help me get my computer back into a state where I enjoy switching it on again.
Many thanks in advance.

stupormundi 14.11.2005 14:03

Hi!
Run escan following Cidre's guide http://www.trojaner-board.de/showthread.php?t=17492 in safe mode http://www.systemwiederherstellung-d...indows-xp.html and then post the result of Hauis45's 'find.bat' (it is also described in the guide). Follow this guide exactly (unpack escan to C:\bases_x, update before the scan, language setting "English", set all check marks as described), otherwise find.bat will not work. Read the guide all the way through first, otherwise you might overlook something!
stupormundi

DampKring 16.11.2005 11:30

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Nov 14 16:01:59 2005 => System found infected with dyfuca Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with mybar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with mybar Spyware/Adware ({0494d0d1-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with windupdates.media pass Spyware/Adware ({1e5f0d38-214b-4085-ad2a-d2290e6a2d2c})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with adware.zangosearch Spyware/Adware ({21b4acc4-8874-4aec-aeac-f567a249b4d4})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with kazaa Spyware/Adware ({66fc8717-efa7-4546-8c4a-e224f3a80c76})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with ad-protect Spyware/Adware ({b51dc573-e998-4834-9b45-bab7c2ae0a75})! Action taken: No Action Taken.
Mon Nov 14 16:01:59 2005 => System found infected with gain dashbar Spyware/Adware ({cc90cda0-74a0-45b4-80ef-d89ca8c249b8})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with mybar Spyware/Adware ({0494d0d9-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with dyfuca Spyware/Adware ({00000010-6f7d-442c-93e3-4a4827c2e4c8})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with mybar Spyware/Adware ({0494d0d1-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with adware.zangosearch Spyware/Adware ({21b4acc4-8874-4aec-aeac-f567a249b4d4})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with ad-protect Spyware/Adware ({b51dc573-e998-4834-9b45-bab7c2ae0a75})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Mon Nov 14 16:02:00 2005 => System found infected with windupdates.media pass Spyware/Adware ({735c5a0c-f79f-47a1-8ca1-2a2e482662a8})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with media pass Spyware/Adware ({15696ae2-6ea4-47f4-bea6-a3d32693efc7})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with media pass Spyware/Adware ({00ada225-ea6c-4fb3-82e8-68189201ccb9})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with myway Spyware/Adware ({0494d0d4-f8e0-41ad-92a3-14154ece70ac})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with bonzibuddy Spyware/Adware ({0a45db4d-bd0d-11d2-8d14-00104b9e072a})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with bonzibuddy Spyware/Adware ({0a45db4e-bd0d-11d2-8d14-00104b9e072a})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with dyfuca Spyware/Adware ({1c01d150-91a4-4de0-9bf8-a35d1bdf1001})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with bonzibuddy Spyware/Adware ({e91e27a2-c5ae-11d2-8d1b-00104b9e072a})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Mon Nov 14 16:03:28 2005 => System found infected with windupdates.media pass Spyware/Adware ({735c5a0c-f79f-47a1-8ca1-2a2e482662a8})! Action taken: No Action Taken.
Mon Nov 14 16:03:30 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
Mon Nov 14 16:03:30 2005 => System found infected with windupdate Spyware/Adware (ide21201.vxd)! Action taken: No Action Taken.
Mon Nov 14 16:03:30 2005 => System found infected with ezula Spyware/Adware (instsrv.exe)! Action taken: No Action Taken.
Mon Nov 14 16:03:30 2005 => System found infected with globosearch Spyware/Adware (popup_bl.dll)! Action taken: No Action Taken.
Mon Nov 14 16:03:38 2005 => System found infected with whistlesoftware Spyware/Adware (uninstall.ini)! Action taken: No Action Taken.
Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (mdx.dll)! Action taken: No Action Taken.
Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (moo.dll)! Action taken: No Action Taken.
Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (views.mdx)! Action taken: No Action Taken.
Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (remote.ini)! Action taken: No Action Taken.
Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (mdx.dll)! Action taken: No Action Taken.
Mon Nov 14 16:03:38 2005 => System found infected with unknown pest Spyware/Adware (views.mdx)! Action taken: No Action Taken.
Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (mdx.dll)! Action taken: No Action Taken.
Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (views.mdx)! Action taken: No Action Taken.
Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (moo.dll)! Action taken: No Action Taken.
Mon Nov 14 16:03:39 2005 => System found infected with unknown pest Spyware/Adware (remote.ini)! Action taken: No Action Taken.
Mon Nov 14 16:03:43 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:43 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:45 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.
Mon Nov 14 16:03:45 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.
Mon Nov 14 16:03:46 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
Mon Nov 14 16:03:46 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:51 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:52 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
Mon Nov 14 16:03:52 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:53 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken.
Mon Nov 14 16:03:59 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken.
Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Mon Nov 14 16:04:01 2005 => System found infected with istbar Spyware/Adware (loaderx.exe)! Action taken: No Action Taken.
Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: No Action Taken.
Mon Nov 14 16:04:01 2005 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
Mon Nov 14 16:04:01 2005 => System found infected with istbar Spyware/Adware (loaderx.exe)! Action taken: No Action Taken.
Mon Nov 14 16:17:25 2005 => File C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\zcount.jar-2ad46c4b-4c87eb7f.zip infected by "Exploit.Java.ByteVerify" Virus! Action Taken: No Action Taken.
Mon Nov 14 16:59:54 2005 => Scanning File C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal\Infected.wav
Mon Nov 14 17:36:48 2005 => Total Disinfected Files: 0

DampKring 16.11.2005 11:31

Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Nov 14 15:55:22 2005 => File C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL tagged as "not-a-virus:AdWare.Win32.MyWay.g". Action Taken: No Action Taken.
Mon Nov 14 15:55:22 2005 => File c:\programme\180searchassistant\sachook.dll tagged as "not-a-virus:AdWare.Win32.180Solutions.p". Action Taken: No Action Taken.
Mon Nov 14 15:57:38 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\hijackthis_199\backups\backup-20051111-102130-886.dll tagged as "not-a-virus:AdWare.Win32.WinAD.af". Action Taken: No Action Taken.
Mon Nov 14 15:58:15 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Nov 14 15:58:26 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Nov 14 15:59:17 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Nov 14 16:00:42 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
Mon Nov 14 16:00:51 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
Mon Nov 14 16:01:06 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL.CRACKED-MiNT\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL\m-su6002\ServUSetup.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.gen. No Action Taken.
Mon Nov 14 16:04:16 2005 => File C:\WINDOWS\azkvmx.exe tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken.
Mon Nov 14 16:04:17 2005 => File C:\WINDOWS\Chat[cfl-10018,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 16:04:26 2005 => File C:\WINDOWS\hausaufgaben.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 16:04:26 2005 => File C:\WINDOWS\IEMenuExtension.exe tagged as "not-a-virus:AdWare.Win32.Ucmore.e". Action Taken: No Action Taken.
Mon Nov 14 16:04:30 2005 => File C:\WINDOWS\p2p.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 16:04:33 2005 => File C:\WINDOWS\radiofox.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 16:04:45 2005 => File C:\WINDOWS\vitalinet[vlt-10011,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 16:07:00 2005 => File C:\WINDOWS\System32\searchdll.dll tagged as "not-a-virus:AdWare.Win32.Serch.a". Action Taken: No Action Taken.
Mon Nov 14 16:07:44 2005 => File C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\DelF.tmp tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken.
Mon Nov 14 16:12:56 2005 => File C:\DOKUME~1\ADMINI~1\LOKALE~1\TEMPOR~1\Content.IE5\QDSTEF85\content23603-0[1].htm tagged as "not-a-virus:AdWare.Win32.Gator.k". Action Taken: No Action Taken.
Mon Nov 14 16:19:16 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\hijackthis_199\backups\backup-20051111-102130-886.dll tagged as "not-a-virus:AdWare.Win32.WinAD.af". Action Taken: No Action Taken.
Mon Nov 14 16:19:52 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Nov 14 16:20:02 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU\IrC-ScRiPt-NeU\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Nov 14 16:20:52 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\IrC-ScRiPt-NeU.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Nov 14 16:22:15 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\Mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
Mon Nov 14 16:22:19 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0\HeadQuarter.mIRC.power.by.Weisseradler.v.3.0.rar tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
Mon Nov 14 16:22:34 2005 => File C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL.CRACKED-MiNT\Serv-U.FTP.Server.v6.0.0.2.Corporate.Edition.WinALL\m-su6002\ServUSetup.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.gen. No Action Taken.
Mon Nov 14 16:23:19 2005 => File C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\DelF.tmp tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken.
Mon Nov 14 16:28:00 2005 => File C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\QDSTEF85\content23603-0[1].htm tagged as "not-a-virus:AdWare.Win32.Gator.k". Action Taken: No Action Taken.
Mon Nov 14 16:32:52 2005 => File C:\Dokumente und Einstellungen\Audion\Lokale Einstellungen\Temp\asmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.l". Action Taken: No Action Taken.
Mon Nov 14 16:33:11 2005 => File C:\Dokumente und Einstellungen\Audion\Lokale Einstellungen\Temp\__unin__.exe tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken.
Mon Nov 14 16:45:52 2005 => File C:\Program Files\hbt\dialers\blondes\blondes.exe tagged as "not-a-virus:Dialer.Win32.gen". Action Taken: No Action Taken.
Mon Nov 14 16:45:52 2005 => File C:\Program Files\Media Access\MediaAccess.exe tagged as "not-a-virus:AdWare.Win32.WinAD.af". Action Taken: No Action Taken.
Mon Nov 14 16:45:52 2005 => File C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Nov 14 16:48:36 2005 => File C:\Programme\DashBar\DashBar15.dll tagged as "not-a-virus:AdWare.Win32.Gator.b". Action Taken: No Action Taken.
Mon Nov 14 16:48:55 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\CMEIIAPI.dll tagged as "not-a-virus:AdWare.Win32.Gator.5115". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GController.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GDwldEng.dll tagged as "not-a-virus:AdWare.Win32.Gator.3124". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIocl.dll tagged as "not-a-virus:AdWare.Win32.Gator.6041". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GIoclClient.dll tagged as "not-a-virus:AdWare.Win32.Gator.6041". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GMTProxy.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GObjs.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStore.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken.
Mon Nov 14 16:48:56 2005 => File C:\Programme\Gemeinsame Dateien\CMEII\GStoreServer.dll tagged as "not-a-virus:AdWare.Win32.Gator.6051". Action Taken: No Action Taken.
Mon Nov 14 16:52:00 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGIEProcess.dll tagged as "not-a-virus:AdWare.Win32.Gator.5017". Action Taken: No Action Taken.
Mon Nov 14 16:52:00 2005 => File C:\Programme\Gemeinsame Dateien\GMT\EGNSEngine.dll tagged as "not-a-virus:AdWare.Win32.Gator.5017". Action Taken: No Action Taken.
Mon Nov 14 16:52:00 2005 => File C:\Programme\Gemeinsame Dateien\GMT\GatorRes.dll tagged as "not-a-virus:AdWare.Win32.Gator.6041". Action Taken: No Action Taken.
Mon Nov 14 16:52:01 2005 => File C:\Programme\Gemeinsame Dateien\GMT\gtrawbm.fil tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.
Mon Nov 14 16:53:23 2005 => File C:\Programme\Gemeinsame Dateien\ptnplnlj\nnptrchh\hpbhbcln.exe tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.
Mon Nov 14 16:53:23 2005 => File C:\Programme\Gemeinsame Dateien\ptnplnlj\pncttpcldl\pfbjbdjar.exe tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.
Mon Nov 14 17:08:04 2005 => File C:\Programme\MyWay\myBar\1.bin\MY2NS.EXE tagged as "not-a-virus:AdWare.Win32.MyWay.b". Action Taken: No Action Taken.
Mon Nov 14 17:08:04 2005 => File C:\Programme\MyWay\myBar\1.bin\NPMYWAY.DLL tagged as "not-a-virus:AdWare.Win32.MyWay.f". Action Taken: No Action Taken.
Mon Nov 14 17:08:10 2005 => File C:\Programme\PrecisionTime\PrecisionTime.exe tagged as "not-a-virus:AdWare.Win32.Gator.2300". Action Taken: No Action Taken.
Mon Nov 14 17:08:10 2005 => File C:\Programme\PrecisionTime\PTUninstaller.exe tagged as "not-a-virus:AdWare.Win32.DashBar.d". Action Taken: No Action Taken.
Mon Nov 14 17:08:12 2005 => File C:\Programme\Serv-U\ServUAdmin.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.5201. No Action Taken.
Mon Nov 14 17:08:12 2005 => File C:\Programme\Serv-U\ServUDaemon.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.gen. No Action Taken.
Mon Nov 14 17:08:12 2005 => File C:\Programme\Serv-U\ServUTray.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.5201. No Action Taken.
Mon Nov 14 17:08:34 2005 => File C:\Programme\TopConverting\arkanoid\arkanoid.exe tagged as "not-a-virus:AdWare.Win32.WinShow.f". Action Taken: No Action Taken.
Mon Nov 14 17:09:29 2005 => File C:\Programme\Weisseradler-Script 1.071\Weisseradler-Script.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.603. No Action Taken.
Mon Nov 14 17:10:03 2005 => File C:\RECYCLER\S-1-5-21-1935655697-1563985344-1957994488-1003\Dc4.exe tagged as not-a-virus:Server-FTP.Win32.Serv-U.5000. No Action Taken.
Mon Nov 14 17:10:22 2005 => File C:\RECYCLER\S-1-5-21-1935655697-1563985344-1957994488-500\Dc140.exe tagged as "not-a-virus:AdWare.Win32.Gator.5112". Action Taken: No Action Taken.
Mon Nov 14 17:10:24 2005 => File C:\RECYCLER\S-1-5-21-1935655697-1563985344-1957994488-500\Dc142.exe tagged as "not-a-virus:AdWare.Win32.Gator.7035". Action Taken: No Action Taken.
Mon Nov 14 17:16:03 2005 => File C:\WINDOWS\azkvmx.exe tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken.
Mon Nov 14 17:16:04 2005 => File C:\WINDOWS\Chat[cfl-10018,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 17:16:18 2005 => File C:\WINDOWS\Downloaded Program Files\WONWebLauncherControl.ocx tagged as "not-a-virus:AdWare.Win32.iWon.c". Action Taken: No Action Taken.
Mon Nov 14 17:18:53 2005 => File C:\WINDOWS\hausaufgaben.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 17:21:59 2005 => File C:\WINDOWS\IEMenuExtension.exe tagged as "not-a-virus:AdWare.Win32.Ucmore.e". Action Taken: No Action Taken.
Mon Nov 14 17:24:38 2005 => File C:\WINDOWS\p2p.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 17:25:40 2005 => File C:\WINDOWS\radiofox.exe.exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
Mon Nov 14 17:35:33 2005 => File C:\WINDOWS\system32\searchdll.dll tagged as "not-a-virus:AdWare.Win32.Serch.a". Action Taken: No Action Taken.
Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\adm.exe tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\adm25.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\adm4.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\admdloader.dll tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.3039". Action Taken: No Action Taken.
Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\admfdi.dll tagged as "not-a-virus:AdWare.Win32.Altnet.j". Action Taken: No Action Taken.
Mon Nov 14 17:36:35 2005 => File C:\WINDOWS\Temp\Altnet\admprog.dll tagged as "not-a-virus:AdWare.Win32.Altnet.a". Action Taken: No Action Taken.
Mon Nov 14 17:36:36 2005 => File C:\WINDOWS\Temp\Altnet\dmfiles.cab tagged as "not-a-virus:AdWare.Win32.Altnet.g". Action Taken: No Action Taken.
Mon Nov 14 17:36:36 2005 => File C:\WINDOWS\Temp\Altnet\mysearch.cab tagged as "not-a-virus:AdWare.Win32.MyWay.g". Action Taken: No Action Taken.
Mon Nov 14 17:36:37 2005 => File C:\WINDOWS\Temp\Altnet\pmexe.cab tagged as "not-a-virus:AdWare.Win32.Altnet.h". Action Taken: No Action Taken.
Mon Nov 14 17:36:37 2005 => File C:\WINDOWS\Temp\Altnet\pmfiles.cab tagged as "not-a-virus:AdWare.Win32.BrilliantDigital.1007". Action Taken: No Action Taken.
Mon Nov 14 17:36:37 2005 => File C:\WINDOWS\Temp\Altnet\Setup.exe tagged as "not-a-virus:AdWare.Win32.Altnet.b". Action Taken: No Action Taken.
Mon Nov 14 17:36:41 2005 => File C:\WINDOWS\vitalinet[vlt-10011,1].exe tagged as "not-a-virus:Porn-Dialer.Win32.Intexdial". Action Taken: No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "offending"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\dashbar !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\media access !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\precisiontime !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\topconverting !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\avenue media !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\gator.com !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\kazaa !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\media access !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\myway !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\p2p networking !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\topconverting !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKCU\Software\avenue media !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKCU\Software\gnu !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKLM\Software\policies\avenue media !!!
Mon Nov 14 16:03:29 2005 => Offending Key found: HKCU\Software\policies\avenue media !!!
Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\smdat32a.sys
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\WINDOWS\TEMP\adware
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\WINDOWS\TEMP\altnet
Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\System32\ide21201.vxd
Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\System32\instsrv.exe
Mon Nov 14 16:03:30 2005 => Offending file found: C:\WINDOWS\System32\popup_bl.dll
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\180searchassistant
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\dashbar
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\gator.com
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\kazaa
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\myway
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\perfectnav
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\precisiontime
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\topconverting
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\Gemeinsame Dateien\cmeii
Mon Nov 14 16:03:30 2005 => Offending Folder found: C:\Programme\Gemeinsame Dateien\gmt
Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\fitting\044\uninstall.ini
Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\dll\mdx.dll
Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\dll\moo.dll
Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\dll\views.mdx
Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\remote.ini
Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\utilities\dccinfo\mdx.dll
Mon Nov 14 16:03:38 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\utilities\dccinfo\views.mdx
Mon Nov 14 16:03:39 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\utilities\prot\dll\mdx.dll
Mon Nov 14 16:03:39 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\download\programme\irc-script-neu\irc-script-neu\utilities\prot\dll\views.mdx
Mon Nov 14 16:03:39 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\headquarter.mirc.power.by.weisseradler.v.3.0\headquarter.mirc.power.by.weisseradler.v.3.0\headquarter.mirc.power.by.weisseradler.v.3.0\moo.dll
Mon Nov 14 16:03:39 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\mein ordner\headquarter.mirc.power.by.weisseradler.v.3.0\headquarter.mirc.power.by.weisseradler.v.3.0\headquarter.mirc.power.by.weisseradler.v.3.0\remote.ini
Mon Nov 14 16:03:43 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\0xm7qrc5\ads[1].htm
Mon Nov 14 16:03:43 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\0xm7qrc5\ads[2].htm
Mon Nov 14 16:03:45 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\89y3o1ij\show_ads[2].js
Mon Nov 14 16:03:45 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\89y3o1ij\stylesheet[1].css
Mon Nov 14 16:03:46 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\bacrjpkl\adswrapper[1].js
Mon Nov 14 16:03:46 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\bacrjpkl\ads[2].htm
Mon Nov 14 16:03:51 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\m7kfad4f\ads[1].htm
Mon Nov 14 16:03:52 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\ortn2e3x\adsend[1].js
Mon Nov 14 16:03:52 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\ortn2e3x\ads[1].htm
Mon Nov 14 16:03:53 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temporary internet files\content.ie5\ortn2e3x\stylesheet[1].css
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\0xm7qrc5\ads[1].htm
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\0xm7qrc5\ads[2].htm
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\89y3o1ij\show_ads[2].js
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\89y3o1ij\stylesheet[1].css
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\bacrjpkl\adswrapper[1].js
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\bacrjpkl\ads[2].htm
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\m7kfad4f\ads[1].htm
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\ortn2e3x\adsend[1].js
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\ortn2e3x\ads[1].htm
Mon Nov 14 16:03:59 2005 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\content.ie5\ortn2e3x\stylesheet[1].css
Mon Nov 14 16:04:00 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\180search assistant
Mon Nov 14 16:04:00 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\gain publishing
Mon Nov 14 16:04:00 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\precisiontime
Mon Nov 14 16:04:00 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Startmenü\programme\180search assistant
Mon Nov 14 16:04:01 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Startmenü\programme\gain publishing
Mon Nov 14 16:04:01 2005 => Offending Folder found: C:\Dokumente und Einstellungen\All Users\Startmenü\programme\precisiontime
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon Nov 14 17:36:48 2005 => Total Virus(es) Found: 183
Mon Nov 14 17:36:48 2005 => Total Errors: 27
Mon Nov 14 17:36:48 2005 => Time Elapsed: 01:41:04
Mon Nov 14 17:36:48 2005 => Total Objects Scanned: 86783
Mon Nov 14 15:54:07 2005 => Virus Database Date: 2005/11/14
Mon Nov 14 17:36:48 2005 => Virus Database Date: 2005/11/14
Wed Nov 16 09:07:23 2005 => Virus Database Date: 2005/11/14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

Wildone 16.11.2005 11:55

Hello,
oh my goodness, how can anyone pick up so much ad/spyware? All right, do the following: get the programs Ad-Aware, Spybot and Ewido and scan the system with them, then run cleanup! over it once more, delete the file MWAV.LOG, let Escan scan again and post the result again.


Regards, Wildone

