Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   wie bekomm ich das weg?? (https://www.trojaner-board.de/24886-bekomm-weg.html)

Toto1980 25.12.2005 21:28
wie bekomm ich das weg??
 
Wie bekomme ich das weg??

MWAV
Virus log information

Object "zipitpro Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "lop.com Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "casinoclient Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "whenu.savenow Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "casinoclient Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "zipitpro Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Programme\Mobile Phone Manager\bin\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mobile Phone Manager\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Joline\Anwendungsdaten\InstallShield\Driver\8\Intel 32\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Joline\Anwendungsdaten\InstallShield\Driver\8\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Joline\Anwendungsdaten\InstallShield\Driver\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Joline\Anwendungsdaten\InstallShield\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 1\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 1\xtras\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 2\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 2\xtras\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 3\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 3\xtras\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 4\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 4\xtras\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Löwenzahn 5\xtras\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Löwenzahn 5\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 6\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "D:\Spiele\Terzio\Loewenzahn 6\xtras\". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".2". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".xfb". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Active GIF Creator 2.22". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "GitarreroDemo_is1". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "InstallShield_{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "MobiMB Mobile Media Browser". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (1.0.6)". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Netscape Browser". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Toddler". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{6BAA26DB-2D4E-42B6-BC3F-3B58144A64B6}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{7AE38076-D8FD-4EF9-A203-98A3EF0C66C1}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8F2D21F9-F428-4EF2-8111-953EF3299EFB}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{B6F867E8-F092-4C5E-7D72-AC7057DBEF45}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}". Action Taken: No Action Taken.
Entry "HKCR\.b5i" refers to invalid object "vc7.image". Action Taken: No Action Taken.
Entry "HKCR\.bin" refers to invalid object "vc7.image". Action Taken: No Action Taken.
Entry "HKCR\.bwi" refers to invalid object "vc7.image". Action Taken: No Action Taken.
Entry "HKCR\.c2d" refers to invalid object "vc7.image". Action Taken: No Action Taken.
Entry "HKCR\.xmf" refers to invalid object "vc7.image". Action Taken: No Action Taken.
Entry "HKCR\Magnet\shell\open\command" refers to invalid object ""C:\Programme\Azureus\Azureus.exe" "%1"". Action Taken: No Action Taken.
Entry "HKCR\NeroAACType\shell\open\command" refers to invalid object "D:\PROGRA~1\ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\NeroCopyType\shell\open\command" refers to invalid object "D:\PROGRA~1\ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\NeroCueSheetType\shell\open\command" refers to invalid object "D:\PROGRA~1\ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\NeroErrorType\shell\open\command" refers to invalid object "D:\PROGRA~1\ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\NeroHDBackupType\shell\open\command" refers to invalid object "D:\PROGRA~1\ahead\Nero\nero.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\NMUIEngine.NMUIResourceLoaderHarddisk" refers to invalid object "{03DC5606-EA66-4f02-AB52-2065524B03821}". Action Taken: No Action Taken.

Toto1980 26.12.2005 11:29
Tue Dec 27 09:59:03 2005 => Offending file found: C:\WINDOWS\iun6002.exe
Tue Dec 27 09:59:03 2005 => System found infected with zipitpro Spyware/Adware (iun6002.exe)! Action taken: No Action Taken.

Tue Dec 27 09:59:03 2005 => Offending file found: C:\DOKUME~1\Tismar\LOKALE~1\Temp\insthelp.dll
Tue Dec 27 09:59:03 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.

Tue Dec 27 09:59:05 2005 => Offending file found: C:\Dokumente und Einstellungen\Tismar\Anwendungsdaten\mozilla\firefox\profiles\k50xvivo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\defaults\preferences\options.js
Tue Dec 27 09:59:05 2005 => System found infected with limewire Spyware/Adware (options.js)! Action taken: No Action Taken.

Tue Dec 27 09:59:05 2005 => Offending file found: C:\Dokumente und Einstellungen\Tismar\Desktop\backup.reg
Tue Dec 27 09:59:05 2005 => System found infected with lop.com Spyware/Adware (backup.reg)! Action taken: No Action Taken.

Tue Dec 27 09:59:10 2005 => Offending file found: C:\Dokumente und Einstellungen\Tismar\Lokale Einstellungen\temp\insthelp.dll
Tue Dec 27 09:59:10 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:31 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22