Hilfe infiziert von Spyware

Ich bin pc neuling und hab mehrere spyware programme aufm rechner spybot hilft nich was tun  ??? ???

« Letzte Änderung: 17.03.05, 23:40:50 von Kiche »

Antworten zu dieser Frage:

Scan initialized on 17.03.2005 23:08:48
=================================================
Started memory scan
====================
Processes Currently Running

#:1 (smss.exe)
    Path:\SystemRoot\System32\smss.exe
    BasePriority:NORMAL


#:2 (services.exe)
    Path:C:\WINDOWS\system32\services.exe
    BasePriority:NORMAL
    FileSize :106 kb
    Last accessed  :04.08.2004 08:58:11
    Build :5.1.2600.2180
    OS :NT-Win32-Executable
    Description :Anwendung für Dienste und Controller
    Version  :5.1.2600.2180
    Product Name:Betriebssystem Microsoft® Windows®


#:3 (savedump.exe)
    Path:C:\WINDOWS\system32\savedump.exe
    BasePriority:IDLE
    FileSize :13 kb
    Last accessed  :04.08.2004 08:58:10
    Build :5.1.2600.2180
    OS :NT-Win32-Executable
    Description :Programm zur Sicherung eines Abbilds
    Version  :5.1.2600.2180
    Product Name:Betriebssystem Microsoft® Windows®


#:4 (lsass.exe)
    Path:C:\WINDOWS\system32\lsass.exe
    BasePriority:NORMAL
    FileSize :13 kb
    Last accessed  :04.08.2004 08:57:59
    Build :5.1.2600.2180
    OS :NT-Win32-DLL
    Description :LSA Shell (Export Version)
    Version  :5.1.2600.2180
    Product Name:Microsoft® Windows® Operating System


#:5 (svchost.exe)
    Path:C:\WINDOWS\system32\svchost.exe
    BasePriority:NORMAL
    FileSize :14 kb
    Last accessed  :04.08.2004 08:58:15
    Build :5.1.2600.2180
    OS :NT-Win32-Executable
    Description :Generic Host Process for Win32 Services
    Version  :5.1.2600.2180
    Product Name:Microsoft® Windows® Operating System


#:6 (svchost.exe)
    Path:C:\WINDOWS\System32\svchost.exe
    BasePriority:NORMAL
    FileSize :14 kb
    Last accessed  :04.08.2004 08:58:15
    Build :5.1.2600.2180
    OS :NT-Win32-Executable
    Description :Generic Host Process for Win32 Services
    Version  :5.1.2600.2180
    Product Name:Microsoft® Windows® Operating System


#:7 (InCDsrv.exe)
    Path:C:\Programme\Ahead\InCD\InCDsrv.exe
    BasePriority:NORMAL
    FileSize :1136 kb
    Last accessed  :16.07.2004 14:48:42
    Build :4.2.16.0
    OS :NT-Win32-Executable
    Description :incdsrv
    Version  :4.2.16.0
    Product Name:Ahead Software AG incdsrv


#:8 (Explorer.EXE)
    Path:C:\WINDOWS\Explorer.EXE
    BasePriority:NORMAL
    FileSize :1011 kb
    Last accessed  :04.08.2004 08:57:53
    Build :6.0.2900.2180
    OS :NT-Win32-Executable
    Description :Windows Explorer
    Version  :6.0.2900.2180
    Product Name:Betriebssystem Microsoft® Windows®


#:9 (LEXBCES.EXE)
    Path:C:\WINDOWS\system32\LEXBCES.EXE
    BasePriority:NORMAL
    FileSize :293 kb
    Last accessed  :09.10.2001 16:29:27
    Build :7.1.0.0
    OS :NT-Win32-DLL
    Description :LexBce Service
    Version  :7.1.0.0
    Product Name:MarkVision for Windows (32 bit)


#:10 (spoolsv.exe)
     Path:C:\WINDOWS\system32\spoolsv.exe
     BasePriority:NORMAL
     FileSize :56 kb
     Last accessed  :04.08.2004 08:58:14
     Build :5.1.2600.2180
     OS :NT-Win32-Executable
     Description :Spooler SubSystem App
     Version  :5.1.2600.2180
     Product Name:Microsoft® Windows® Operating System


#:11 (LEXPPS.EXE)
     Path:C:\WINDOWS\system32\LEXPPS.EXE
     BasePriority:NORMAL
     FileSize :166 kb
     Last accessed  :09.10.2001 16:26:48
     Build :7.1.0.0
     OS :NT-Win32-DLL
     Description :LEXPPS.EXE
     Version  :7.1.0.0
     Product Name:MarkVision for Windows (32 bit)


#:12 (LXSUPMON.EXE)
     Path:C:\WINDOWS\System32\LXSUPMON.EXE
     BasePriority:NORMAL
     FileSize :799 kb
     Last accessed  :09.10.2001 17:08:01
     Build :2.2.64.1
     OS :NT-Win32-Executable
     Description :Supplies Monitor
     Version  :2.2.64.1
     Product Name:Lexmark Supplies Monitor


#:13 (msnappau.exe)
     Path:C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe
     BasePriority:NORMAL
     FileSize :84 kb
     Last accessed  :13.08.2004 16:41:26
     Build :1.2.3000.1001
     OS :Unknown-Executable
     Description :MSN Updater
     Version  :1.2.3000.1001
     Product Name:MSN Updater


#:14 (DATALA~1.EXE)
     Path:C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
     BasePriority:NORMAL
     FileSize :1132 kb
     Last accessed  :06.05.2004 14:47:22
     Build :5.0.0.0
     OS :Unknown-Executable
     Description :DataLayer 2.0 Module
     Version  :5.0.2.561
     Product Name:Nokia PC Suite


#:15 (TRAYAP~1.EXE)
     Path:C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
     BasePriority:NORMAL
     FileSize :144 kb
     Last accessed  :23.03.2004 11:20:24
     Build :1.0.0.0
     OS :Unknown-Executable
     Description :Nokia Tray Application
     Version  :1.0.0.22
     Product Name:Nokia Tray Application


#:16 (jusched.exe)
     Path:C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
     BasePriority:NORMAL
     FileSize :32 kb
     Last accessed  :03.06.2004 21:05:08
     Build :1.0.0.0
     OS :Unknown-Executable
     Description :
     Version  :1.0.0.22
     Product Name:


#:17 (Profiler.exe)
     Path:C:\Programme\Saitek\Software\Profiler.exe
     BasePriority:NORMAL
     FileSize :156 kb
     Last accessed  :28.01.2004 09:19:26
     Build :4.3.3.610
     OS :Unknown-DLL
     Description :Manual Configuration
     Version  :4.3.3.610
     Product Name:Configuration Software


#:18 (SaiSmart.exe)
     Path:C:\Programme\Saitek\Software\SaiSmart.exe
     BasePriority:NORMAL
     FileSize :96 kb
     Last accessed  :28.01.2004 09:19:52
     Build :4.3.3.610
     OS :Unknown-Executable
     Description :Smart Button Special Sauce
     Version  :4.3.3.610
     Product Name: SaiSmart Application


#:19 (InCD.exe)
     Path:C:\Programme\Ahead\InCD\InCD.exe
     BasePriority:NORMAL
     FileSize :1376 kb
     Last accessed  :16.07.2004 13:50:05
     Build :4.2.16.0
     OS :Unknown-Executable
     Description :InCD
     Version  :4.2.16.0
     Product Name:Ahead Software AG InCD


#:20 (rundll32.exe)
     Path:C:\WINDOWS\system32\rundll32.exe
     BasePriority:NORMAL
     FileSize :33 kb
     Last accessed  :04.08.2004 08:58:10
     Build :5.1.2600.2180
     OS :NT-Win32-Executable
     Description :Eine DLL-Datei als Anwendung ausführen
     Version  :5.1.2600.2180
     Product Name:Betriebssystem Microsoft® Windows®


#:21 (point32.exe)
     Path:C:\Programme\Microsoft IntelliPoint\point32.exe
     BasePriority:NORMAL
     FileSize :200 kb
     Last accessed  :03.06.2004 01:50:08
     Build :5.2.413.0
     OS :NT-Win32-Executable
     Description :Point32.exe
     Version  :5.2.413.0
     Product Name:Microsoft IntelliPoint


#:22 (ctfmon.exe)
     Path:C:\WINDOWS\system32\ctfmon.exe
     BasePriority:NORMAL
     FileSize :15 kb
     Last accessed  :04.08.2004 08:57:48
     Build :5.1.2600.2180
     OS :NT-Win32-DLL
     Description :CTF Loader
     Version  :5.1.2600.2180
     Product Name:Microsoft® Windows® Operating System


#:23 (wlanutil.exe)
     Path:C:\Programme\MA311 PCI Adapter Configuration Utility\wlanutil.exe
     BasePriority:NORMAL
     FileSize :610 kb
     Last accessed  :31.05.2002 00:05:26
     Build :5.1.2600.2180
     OS :NT-Win32-DLL
     Description :
     Version  :5.1.2600.2180
     Product Name:


#:24 (SERVIC~1.EXE)
     Path:C:\PROGRA~1\GEMEIN~1\PCSuite\Services\SERVIC~1.EXE
     BasePriority:NORMAL
     FileSize :86 kb
     Last accessed  :04.05.2004 11:25:36
     Build :6.0.0.0
     OS :Unknown-Executable
     Description :ServiceLayer Module
     Version  :6.0.9.0
     Product Name:Nokia Connectivity Library


#:25 (nvsvc32.exe)
     Path:C:\WINDOWS\System32\nvsvc32.exe
     BasePriority:NORMAL
     FileSize :112 kb
     Last accessed  :15.07.2004 10:42:00
     Build :6.14.10.6177
     OS :Unknown-DLL
     Description :NVIDIA Driver Helper Service, Version 61.77
     Version  :6.14.10.6177
     Product Name:NVIDIA Driver Helper Service, Version 61.77


#:26 (svchost.exe)
     Path:C:\WINDOWS\System32\svchost.exe
     BasePriority:NORMAL
     FileSize :14 kb
     Last accessed  :04.08.2004 08:58:15
     Build :5.1.2600.2180
     OS :NT-Win32-Executable
     Description :Generic Host Process for Win32 Services
     Version  :5.1.2600.2180
     Product Name:Microsoft® Windows® Operating System


#:27 (xcommsvr.exe)
     Path:C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
     BasePriority:NORMAL
     FileSize :68 kb
     Last accessed  :02.10.2003 11:15:38
     Build :1.7.0.4
     OS :Unknown-Executable
     Description :BitDefender Communicator Server
     Version  :1.7.0.4
     Product Name:Softwin BitDefender Communicator Server


#:28 (bdss.exe)
     Path:C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
     BasePriority:NORMAL
     FileSize :56 kb
     Last accessed  :11.11.2003 14:25:58
     Build :1.7.0.4
     OS :Unknown-Executable
     Description :
     Version  :1.7.0.4
     Product Name:

#:29 (SpyRem.exe)
     Path:C:\Programme\BulletProofSoft.com\BPS Spyware & Adware Remover\SpyRem.exe
     BasePriority:NORMAL
     FileSize :1700 kb
     Last accessed  :02.02.2005 21:39:04
     Build :9.1.0.1
     OS :Unknown-Executable
     Description :BPS SpyWare and Adware Remover
     Version  :9.1.0.1
     Product Name:BPS SpyWare and Adware Remover


#:30 (wuauclt.exe)
     Path:C:\WINDOWS\system32\wuauclt.exe
     BasePriority:NORMAL
     FileSize :111 kb
     Last accessed  :03.08.2004 13:02:34
     Build :5.4.3790.2182
     OS :NT-Win32-Executable
     Description :Automatische Updates
     Version  :5.4.3790.2182
     Product Name:Betriebssystem Microsoft® Windows®


Memory scan result:
Total modules found:31
Suspicious modules found:
Scan complete

Started folder scan
====================
Bho_SideFind folder:C:\PROGRA~1\sidefind
Folder scan result:
Suspicious folders  found:1

Started file scan
====================
Bho_SideFind file:C:\PROGRA~1\sidefind\sfbho.dll
   FileSize :94 kb
   Last accessed  :17.03.2005 21:37:21
   Build :1.0.0.1
   OS :Unknown-DLL


TopMoxie file:C:\DOKUME~1\Kiche\LOKALE~1\Temp\DJTOPR~1.EXE
   FileSize :31 kb
   Last accessed  :28.10.2004 21:14:56
   Build :1.0.0.1
   OS :Unknown-DLL


Spyware.Netobserve file:C:\WINDOWS\unvise32.exe
   FileSize :88 kb
   Last accessed  :15.03.2003 23:15:04
   Build :3.6.0.0
   OS :Unknown-Executable


VX2 file:C:\DOKUME~1\Kiche\LOKALE~1\Temp\jkill.exe
   FileSize :44 kb
   Last accessed  :02.06.2004 19:27:25
   Build :3.6.0.0
   OS :Unknown-Executable


File scan result:
Suspicious files found:4
Scan complete

Started Cookie scan
====================

Cookie Type:NGUserID
Cookie Value:c0a8c130-3129-1110402930-2
Cookie Source:adserver.71i.de/
Cookie Name:kiche@adserver.71i[1].txt


Cookie Type:NGUserID
Cookie Value:c0a8c130-3129-1110402930-2
Cookie Source:adserver.71i.de/
Cookie Name:kiche@adserver.71i[1].txt


Cookie Type:NGUserID
Cookie Value:c0a8c130-3129-1110402930-2
Cookie Source:adserver.71i.de/
Cookie Name:kiche@adserver.71i[1].txt


Cookie Type:phpAds_blockAd[69]
Cookie Value:1110707264
Cookie Source:adserver.cheatplanet.com/
Cookie Name:kiche@adserver.cheatplanet[1].txt


Cookie Type:phpAds_blockAd[69]
Cookie Value:1110707264
Cookie Source:adserver.cheatplanet.com/
Cookie Name:kiche@adserver.cheatplanet[1].txt


Cookie Type:PVTRACK
Cookie Value:#ECP#@8D54Cx473F0#@8D4BDx473EF#C8D547x473F0#G8D4B9x473EF#
Cookie Source:as-eu.falkag.net/
Cookie Name:kiche@as-eu.falkag[1].txt


Cookie Type:PVTRACK
Cookie Value:#ECQ#@8D4BDx473CF#A8B732x48C31#A8B730x48C2E#A8D3ACx4A1B2#A8D54Cx473F0#A8D4BDx473EF#D8D547x473F0#D8CD39x23A2C#F87F11x47282#H8B731x48C30#H8D4B9x473EF#H88E55x471BD#
Cookie Source:as1.falkag.de/
Cookie Name:kiche@as1.falkag[1].txt


Cookie Type:eyeblaster
Cookie Value:BWDate=3%2F13%2F2005&BWVal=0
Cookie Source:bs.serving-sys.com/
Cookie Name:kiche@bs.serving-sys[1].txt


Cookie Type:TID
Cookie Value:1nmboup1135gdj
Cookie Source:burstnet.com/
Cookie Name:kiche@burstnet[2].txt


Cookie Type:IMRID
Cookie Value:QjLA-j699PEAAJOTpW8
Cookie Source:imrworldwide.com/cgi-bin
Cookie Name:kiche@cgi-bin[1].txt


Cookie Type:entrycode
Cookie Value:Zanox_173062840158514345
Cookie Source:www.bonprix-shop.de/mall/cgi-bin/
Cookie Name:kiche@cgi-bin[2].txt


Cookie Type:s_vi_6x7Ex3Dx7Dx0Cx2Ax7Ebx20x0Cx3Bx0Cx29ax0Cx23x21x0C1x3E79ex24x0Cx25 x3Dx0Cx2Ax7Ebx20x0C6x0Cx29ax0Cx23x21x0C2a79ex24x0C98x3Cx0Cx204x0C7x0C 9x0Cx3Cx0C0x234x2279ex2Bjx3Dx0Cx2Ax7Ebx206x0Cx22x7Eax7Ea
Cookie Value:[CS]v4|423493680000448B-A640A1600000001|42349368[CE]
Cookie Source:e-2dj6wjkosgdjocp.stats.esomniture.com/
Cookie Name:kiche@e-2dj6wjkosgdjocp.stats.esomniture[2].txt


Cookie Type:c6
Cookie Value:20146:1110622751:0:1|
Cookie Source:fastclick.net/
Cookie Name:kiche@fastclick[2].txt


Cookie Type:uu
Cookie Value:0cLjZ2xfDEdC
Cookie Source:maxserving.com/
Cookie Name:kiche@maxserving[1].txt


Cookie Type:MSPPre
Cookie Value:Thomas_Kircher@hotmail.com
Cookie Source:passport.com/
Cookie Name:kiche@passport[1].txt


Cookie Type:FlightInfo
Cookie Value:66412%2D1%2D1110695779%2D1110695779%2D0%5F
Cookie Source:serving-sys.com/
Cookie Name:kiche@serving-sys[2].txt


Cookie Type:p21264
Cookie Value:43200
Cookie Source:tradedoubler.com/
Cookie Name:kiche@tradedoubler[2].txt


Cookie Type:ANON_ID
Cookie Value:KHKJNRKEMKES
Cookie Source:tribalfusion.com/
Cookie Name:kiche@tribalfusion[2].txt



Cookie scan results:
Suspicious cookies found:22
Scan complete


==========================================================
Spyware components found total: 43
==========================================================

Task completed on 23:11:18
Done


==========================================================
Application Version: 9.1.1
==========================================================
Major Version: 5
Minor Version: 1
Build Number Version: 2600
Platform ID: 2
Service Pack Major: 2
Service Pack Minor: 0
Suite Mask: 768
Platform: Windows XP
Platform Version: Windows XP v5.1, Build 2600
OS Product Name: NT Workstation
CSD Version: Service Pack 2
Is Windows XP: Wahr
Is Windows 2K: Wahr
Is Windows NT: Wahr
Is Windows 9x: Falsch
Is Windows 95: Falsch
Is Windows 98: Falsch
Is Windows Me: Falsch


==========================================================

Started Hosts file scan
====================


Hosts file scan results:
Bad Hosts Entry found:0
Scan complete


==========================================================
Spyware components found total: 43
==========================================================

könnt ihr mit dem log file was anfangen? :'(

« Letzte Änderung: 17.03.05, 23:41:37 von Kiche »

hi kiche,

du hast ua.  den BPS SpyWare and Adware Remover drauf.
dieser angebliche spyware-remover steht selbst auf der liste der sog. rogue anti-spyware.
schau hier:
 www.spywarewarrior.com/rogue_anti-spyware.htm
ist bekannt als
"false positives work as goad to purchase;
 company is known adware distributor (1);
 exploits name SpywareBlaster (1);
 Ad-aware rip-off (1, 2);
 Spybot S&D rip-off (1, 2, 3);
 usw."
würde schnellstens dieses tool über start-->software
deinstallieren und hinterher lieber anerkannte tools
die ad-ware von lavasoft.de   oder spybot installieren und diese im abgesicherten modus
 http://www.bsi.bund.de/av/texte/wiederher.htm
scannen lassen.

anschliessend ein hijacktlogfile erstellen
(gibts hier: www.hjt.klaffke.de o. www.hijackthis.de )

du wirst sicherlich noch reste drauf haben, die man
besser mit diesem hjt-tool entfernt.

evlt. sind auch deine sog. winsock2-einträge beschädigt.  deswegen solltest du dir schon mal vorsichtshalber das sog. lspfix von
 http://www.cexx.org/lspfix.htm herunterladen
zur reserve. ob's gebraucht wird, sieht man anschliessend. aber kann nicht schaden, es schon mal drauf zu haben und stört auch sonst nicht.

hi also scan gerade mit adaware aber im normalen modus komm da aber nich rein pc stürzt immer nach einlesen der sys ab! hab auch wie manche leute in foren raten einen eintrag in der boot.ini gelöscht hilft bei mir aber nicht


danke das du mir geholfen hast, auch wenns bisher noch nicht ganz bei mir klappt ein paar von den dingern wird adaware auch im normalen modus killen können

The first who is gonna help you will just pull out a little more fun out of you!


« Umwandeln von mp3 nach mpg oder mpeghacken »