Diverse Purity Trojaner killen?? |
|
|---|---|
|
15.08.2004, 21:02
...neu hier
Beiträge: 4 |
|
 
|
|
|
15.08.2004, 21:10
Ehrenmitglied
 Beiträge: 29434 |
#17
Hi @Bambo
#Deaktiviere die Wiederherstellung http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/gdocid/20030807105707924 Fixe R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank O3 - Toolbar: T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - C:\PROGRA~1\LANGEN~1.0\Engine\mte\StdAlone\T1IE.dll R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = wmplayer.exe //ICWLaunch O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\explorer.exe O4 - HKLM\..\Run: [System Service] C:\WINDOWS\System32\msrexe.exe O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe O4 - HKCU\..\Run: [Rojkdma] C:\WINDOWS\System32\fsbllsew.exe O15 - Trusted Zone: *.blazefind.com O15 - Trusted Zone: *.clickspring.net O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.searchbarcash.com O15 - Trusted Zone: *.skoobidoo.com O15 - Trusted Zone: *.slotch.com O15 - Trusted Zone: *.xxxtoolbar.com O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} - http://install.global-netcom.de/ieloader.cab O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://213.159.117.133/dl/adv90/x.chm::/load.exe fixe auch: (ist nicht<bad<, aber sollte aus dem Autostart: O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Desksite CMA] C:\Programme\desksite\bin\cma.exe O4 - HKLM\..\Run: [Glass2k] D:\Appz\Longhorn\3\Glass2k.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programme\Creative\PC-CAM Center\CAMTRAY.EXE O4 - HKLM\..\Run: [BearShare] "D:\BearShare\BearShare.exe" /pause O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s neustarten #Ueberpruefe mit Kaspersky C:\WINDOWS\System32\msrexe.exe.........Remote Access / Hacking tool / ICQ trojan\BackDoor-G2.svr.21 (?)\ Troj/Sub7-2.1H C:\WINDOWS\system32\explorer.exe C:\WINDOWS\system32\explorer.exe (sind 2) C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\fsbllsew.exe http://www.kaspersky.com/remoteviruschk.html Gehe in den abgesicherten Modus: http://www.bsi.de/av/texte/winsave.htm ...................................................................................................... #Start<Ausfuehren<regedit HKEY_CLASSES_ROOT\exefile\shell\open\command. You'll see the entry: (Default) = MSREXE.EXE "%1"%* aendere in : (Default) = "%1"%* loesche jeweils auf der rechten Seite der Registry: HKLM\Software\CLASSES\.dl = exefile HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\ Winloader = MSREXE.exe. HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command\dl http://www.pccomputernotes.com/viruses/backdoorg2.htm HKEY_LOCAL_MACHINE\Software\WhenUSave HKCR\WUSN.1 #schliesse die Registry, starte neu und loesche : C:\WINDOWS\System32\msrexe.exe C:\Windows\System32\windos.exe C:\WINDOWS\system32\explorer.exe C:\WINDOWS\System32\fsbllsew.exe .......................................................................................................... #Deinstalliere und loesche alles von: C:\PROGRA~1\Save\Save.exe Uninstall the adware using the C:\Program Files\Save\SaveUninst.exe file. loesche; # Save.exe # Save.html # Readme.txt # SaveUninst.exe ------------------------------------------------------------------------------ #Gehe mal in die Host-Datei (mit dem Editor oeffnen) schau mal in c:\Windows\System32\drivers\etc\hosts Im Normalfall sollte dass hier drin stehen, alles andere loeschen 127.0.0.1 localhost #Orginal Host Datei #Lade ClearProg http://www.clearprog.de/ Loesche: - Cookies - Verlauf - Temporäre Internetfiles (Cache) #eScan< (in C:\base entpacken) http://www.mwti.net/antivirus/free_utilities.asp # "kavupd.exe" suchen und anklicken. Es oeffnet sich ein DOS-Fenster und es wird ein Update ausgeführt(dauert ein bisschen) #den Scanner mit der "mwav.exe starten. Alle Häkchen setzen und "Clean-Scan" klicken. #Stelle unter <Internetoptionen< eine neue Startseite ein --(poste den Teil vom <eScan< Log, was <infiziert< ist --die Infos von Kaspersky --und das neu HijackThis . mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 15.08.2004 um 22:09 Uhr von Sabina editiert.
|
|
|
|
|
15.08.2004, 22:27
Ehrenmitglied
Beiträge: 29434 |
#18
LOG VON @hr.grün
hi sabina! also der neue log vom antivir ist: Erstellungsdatum der Reportdatei: 15.08.2004 14:58 Laufwerke: A: Diskettenlaufwerk C: Festplatte D: Festplatte E: Festplatte F: CDRom G: CDRom Start des Suchlaufs: 15.08.2004 14:58 Speichertest OK Master-Bootsektor von Festplatte HD0 OK Master-Bootsektor von Festplatte HD1 OK Bootsektor von Laufwerk C: O.K C:\ pagefile.sys Zugriff verweigert! Fehler beim Öffnen der Datei. Dies ist eine Auslagerungsdatei von Windows. Diese Datei ist von Windows gelockt. Fehlercode: 0x000D WARNUNG! Zugriffsfehler/Datei gesperrt! C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery AlexaRelated.zip ArchiveType: ZIP HINWEIS! Das gesamte Archiv ist passwortgeschützt Cydoor.zip ArchiveType: ZIP HINWEIS! Das gesamte Archiv ist passwortgeschützt DSOExploit.zip ArchiveType: ZIP HINWEIS! Das gesamte Archiv ist passwortgeschützt DSOExploit1.zip ArchiveType: ZIP HINWEIS! Das gesamte Archiv ist passwortgeschützt DSOExploit2.zip ArchiveType: ZIP HINWEIS! Das gesamte Archiv ist passwortgeschützt DSOExploit3.zip ArchiveType: ZIP HINWEIS! Das gesamte Archiv ist passwortgeschützt DSOExploit4.zip ArchiveType: ZIP HINWEIS! Das gesamte Archiv ist passwortgeschützt C:\Dokumente und Einstellungen\manuel\Lokale Einstellungen\Temporary Internet Files\Content.IE5\F4BI1T91 ClearProg_1.4.0_Final[1].zip ArchiveType: ZIP HINWEIS! Das Archiv ist unbekannt oder defekt Fehler beim Wechsel in das Verzeichnis System Volume Information C:\WINDOWS\system32\config default Zugriff verweigert! Fehler beim Öffnen der Datei. Fehlercode: 0x000D WARNUNG! Zugriffsfehler/Datei gesperrt! SAM Zugriff verweigert! Fehler beim Öffnen der Datei. Fehlercode: 0x000D WARNUNG! Zugriffsfehler/Datei gesperrt! SECURITY Zugriff verweigert! Fehler beim Öffnen der Datei. Fehlercode: 0x000D WARNUNG! Zugriffsfehler/Datei gesperrt! software Zugriff verweigert! Fehler beim Öffnen der Datei. Fehlercode: 0x000D WARNUNG! Zugriffsfehler/Datei gesperrt! system Zugriff verweigert! Fehler beim Öffnen der Datei. Fehlercode: 0x000D WARNUNG! Zugriffsfehler/Datei gesperrt! Ende des Suchlaufs: 15.08.2004 15:02 Benötigte Zeit: 03:16 min 963 Verzeichnisse wurden durchsucht 14531 Dateien wurden geprüft 6 Warnungen wurden ausgegeben 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Viren bzw. unerwünschte Programme wurden gefunden _________________________________________________ _________________________________________________ neuer log vom hijackthis______________________________________________ _________________________________________________ Logfile of HijackThis v1.97.7 Scan saved at 15:05:01, on 15.08.2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ASUS\Probe\AsusProb.exe C:\Programme\Creative\Desktop Wireless\mouse_2k.exe C:\Programme\Creative\Desktop Wireless\kb_2k.exe C:\WINDOWS\System32\CTHELPER.EXE D:\Programme\Winamp\winampa.exe C:\Programme\Messenger\msmsgs.exe __________________________________________________ ___________________________________________________ neue meldung von kaspersky __________________________________________________ ___________________________________________________ das file: C:\WINDOWS\System32\windowsu.exe gibt es nicht mehr. __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 15.08.2004 um 22:28 Uhr von Sabina editiert.
|
|
|
|
|
15.08.2004, 22:30
Ehrenmitglied
Beiträge: 29434 |
#19
@hr.grün
Poste bitte das Komplette Log noch einmal. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 15.08.2004 um 22:30 Uhr von Sabina editiert.
|
|
|
|
|
16.08.2004, 16:58
...neu hier
Beiträge: 4 |
#20
danke für die mühe
escan log: File C:\WINDOWS\hosts infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. File C:\WINDOWS\loadnew.exe infected by "TrojanDownloader.Win32.Harnig.y" Virus. Action Taken: File Deleted. File C:\WINDOWS\system.exe infected by "Trojan.Win32.Killav.db" Virus. Action Taken: File Deleted. File C:\WINDOWS\system32\system32.dll infected by "Trojan.Win32.Killav.db" Virus. Action Taken: File Deleted. File C:\Dokumente und Einstellungen\AZM\Lokale Einstellungen\Temp\saveinstwm.exe infected by "not-a-virus:AdvWare.SaveNow.z" Virus. Action Taken: File Renamed. File C:\Dokumente und Einstellungen\AZM\Lokale Einstellungen\Temp\~9.exe infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. File C:\Programme\AVWin\INFECTED\eoai.VIR infected by "TrojanDownloader.Win32.PurityScan.e" Virus. Action Taken: File Deleted. File C:\Programme\AVWin\INFECTED\HOSTS.VIR infected by "TrojanDownloader.Win32.Small.li" Virus. Action Taken: File Deleted. File D:\Appz\Antivir\backup-20040816-145753-492 infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed. File D:\Appz\Antivir\hijackthis.log infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed. File D:\Appz\Longhorn\1\Longhorn 4.zip tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\vgirl_planic_full19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\VirtuaGirl Alyssa - Beach Girl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\VirtuaGirl Duo - Naughty Games.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\VirtuaGirl Estelle - Sexy Vamp_full.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\VirtuaGirl full_wdrar05705.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\VirtuaGirl Victoria-TEENAGE GIRL_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\VirtuaGirl_sasch_full.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\mp3 dancer\virtuagirl_shaaur_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\aerth_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\affd106334.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\allvio_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\alsbl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\alwsha_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\ameshi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\appver_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\asitm_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\astlo_full18467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\attd100041.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\attd218467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\attd306334.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\babmag_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\badtl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\bardor_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\barnic_full00041.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\bathJ_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\bdych_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\beaaly_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\beadan_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\beazo_full19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\blaest_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\blagel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\blajad_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\blatat_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\blater_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\bluang_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\blufel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\bluter_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\boncar_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\bosdor_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\brajen_full19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\btych_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\bubd126500.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\busdor_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\cabfel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\cancar_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\canvio_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\casnad_full00041.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\cfmbl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\chealy_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\chiang_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\chrlo_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\clacar_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\clgba_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\clgtl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\cluver_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\comvio_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\copsd1.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\cormag_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\cowlo_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\cremag_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\damsha_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\dansha_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\darter_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\decfel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\dokd119169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\dowjud_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\duoblu01.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\duosaf.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\edrlo_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\eviest_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\evpbl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\exctl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\exerd111478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\exhzo_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\fadnic_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\fiteva_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\fitsha_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\flieva_full29358.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_crear18467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_cugad06334.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_drkar06334.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_fhgad18467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_ledar26500.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_mixad11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_nagad26500.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_psear19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_rabar15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_rfsar.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_ropar29358.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_rtead19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_sahar26962.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_satar24464.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_smead15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\full_wdrar05705.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\gabba_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\gamjud_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\gretat_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\heljud_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\hidshe_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\holaly_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\hollo_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\hookJ_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\hotcin_full18467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\hotd118467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\hotmic_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\indshi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\inhvio_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\inszo_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\intbl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\irrvi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\izavi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\jeajud_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\jewvi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\jivba_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\jngtl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\jogtl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\lavdan_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\libzo_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\lirth_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\litd100041.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\lithel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\litjen_full29358.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\lonmag_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\lovsd129358.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\lovter_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\lusgel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\malbl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\malgel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\mammic_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\mataJ_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\menhel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\micter01.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\middor_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\minang_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\minsha_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\mormk_full26500.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nacd126962.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nigeva_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nigsha_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nigshi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nigtat_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nigzo_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nnnau118467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nnpre118467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\nnsex118467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\obsvi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\panest_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\peemag_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\pgubl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\piklo_full18467.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\pinang_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\pingel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\pinshe_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\piwtm_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\planic_full19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\plyd124464.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\precin_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\prejen_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\prenad_full26500.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\prohel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\ptyba_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\purang_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\purfel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\purshe_full19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\rapjd115724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\redang_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\redgel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\redshi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\redtat_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\rodfel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\saijad_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\santJ_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sasch_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\schjud_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\schlo_full19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\scojen_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\scokd123281.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sconic_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\seaJ_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\seccin_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\secdor_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\secmic_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sensd105705.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sepcin_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexaly_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexba_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexcar_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexest_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexjen_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexmk_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexsha_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sexshe_full19169.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shaaur_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shasha_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shath_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shdbl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shftm_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shnch_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shoaur_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\shyvi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\silaur_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sleeva_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\slesha_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\snodan_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sofnad_full26500.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\soivi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\spejad_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\spocar_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sprmk_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sskba_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\strch_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\strjad_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\suneva_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\sxlch_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\tahsha_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\teamk_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\teatl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\teeest_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\teejud_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\teemk_full15724.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\tegvi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\tenvi_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\thbd116827.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\tigrJ_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\trwth_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\uaf_full29358.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\ungtl_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\velaur_full11478.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\vendan_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\vioch_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\wetch_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\wetver_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\whicin_full29358.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\whihel_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\whimic_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\widest_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\wilver_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\windor_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Appz\Virtua Girls\Vgirls Filles\winth_full.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Gamez\--Cra*hier nicht!*--\C&C Generäle - Die Stunde Null - CHEATS TIPPS TRICKS.rar infected by "Backdoor.Optix.Pro.13" Virus. Action Taken: File Deleted. File D:\Gamez\--Cra*hier nicht!*--\C&C Generäle - Die Stunde Null - NoCD Crack german [www.goldesel.6x.to].rar infected by "Backdoor.Optix.Pro.13" Virus. Action Taken: File Deleted. File D:\Netzwerk\BSINSTALL.exe infected by "not-a-virus:AdvWare.SaveNow.z" Virus. Action Taken: File Renamed. File D:\Netzwerk\Davideo 4 keyg*hier nicht* Crack.0xe infected by "Worm.P2P.Backterra.a" Virus. Action Taken: File Deleted. File D:\System Volume Information\_restore{2B98E083-D681-4BA5-B54D-5CC4564CEB3C}\RP122\A0024564.exe tagged as not-a-virus  ornWare.Dialer.Star. No Action Taken.File D:\System Volume Information\_restore{415D34A3-A250-4221-BD9E-7B978B1F3101}\RP7\A0001149.exe infected by "Trojan.Win32.Happyday" Virus. Action Taken: File Deleted. File D:\System Volume Information\_restore{6265233F-21CF-47C3-B9C8-E63C0DAF8D23}\RP11\A0003260.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\System Volume Information\_restore{6265233F-21CF-47C3-B9C8-E63C0DAF8D23}\RP29\A0003864.exe infected by "Backdoor.BO2K.10" Virus. Action Taken: File Renamed. File D:\System Volume Information\_restore{673AEC04-431E-4C62-AAFF-B1BFFC7D361D}\RP12\A0003073.exe tagged as not-a-virus ornWare.Dialer.Star. No Action Taken.File D:\System Volume Information\_restore{673AEC04-431E-4C62-AAFF-B1BFFC7D361D}\RP8\A0001476.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\System Volume Information\_restore{E3575AC0-BDC3-4388-93FA-0B2E12DBFFFC}\RP42\A0012307.exe tagged as not-a-virus ornWare.Dialer.Star. No Action Taken.File D:\System Volume Information\_restore{E3575AC0-BDC3-4388-93FA-0B2E12DBFFFC}\RP7\A0003064.exe infected by "Worm.P2P.Reur.c" Virus. Action Taken: File Deleted. kaspersky log: bei C:\WINDOWS\System32\msrexe.exe.........Remote Access / Hacking tool / ICQ trojan\BackDoor-G2.svr.21 (?)\ Troj/Sub7-2.1H hat er gesagt: Please insert a file name for scanning and try again. Scanned file: explorer.exe explorer.exe - packed with UPX explorer.exe - infected by TrojanSpy.Win32.Small.ad Statistics: Known viruses: 96379 Updated: 16-08-2004 File size (Kb): 5 Virus bodies: 1 Files: 2 Warnings: 0 Archives: 0 Suspicious: 0 Scanned file: wscntfy.exe wscntfy.exe - OK Statistics: Known viruses: 96387 Updated: 16-08-2004 File size (Kb): 14 Virus bodies: 0 Files: 1 Warnings: 0 Archives: 0 Suspicious: 0 Scanned file: fsbllsew.exe fsbllsew.exe - infected by TrojanDownloader.Win32.PurityScan.i Statistics: Known viruses: 96387 Updated: 16-08-2004 File size (Kb): 360 Virus bodies: 1 Files: 1 Warnings: 0 Archives: 0 Suspicious: 0 Logfile of HijackThis v1.97.7 Scan saved at 16:59:21, on 16.08.2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe D:\Appz\Longhorn\3\Glass2k.exe C:\Programme\AVWin\AVGNT.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe C:\WINDOWS\system32\RAMASST.exe C:\Programme\AVWin\AVGUARD.EXE C:\Programme\AVWin\AVWUPSRV.EXE C:\WINDOWS\System32\DVDRAMSV.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\AVWin\GUARDGUI.EXE C:\base\mwavscan.com C:\base\kavss.exe D:\Appz\Antivir\HijackThis.exe O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [Glass2k] D:\Appz\Longhorn\3\Glass2k.exe O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVWin\AVGNT.EXE" /min O4 - HKLM\..\Run: [AVWUpd32] "C:\PROGRA~1\AVWin\Avwupd32.EXE" /min O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: StyleXP.lnk = C:\Programme\TGTSoft\StyleXP\StyleXP.exe O9 - Extra button: Yahoo! Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O10 - Broken Internet access because of LSP provider 'avsda.dll' missing O16 - DPF: {1D168290-F3DF-4842-94C3-2862596771FB} (Yahoo! Fotos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3de.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab mfg bambo |
|
|
|
|
16.08.2004, 23:38
Ehrenmitglied
Beiträge: 29434 |
#21
Hallo @Bambo
#deaktiviere die Wiederherstellung (UNBEDINGT)...boote und aktiviere sie wieder http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/gdocid/20030807105707924 (dadurch verschwinden die Reste vom Dialer...) #Lade Spybot http://www.safer-networking.org/de/download/index.html um das Problem unter <010< zu loesen. #Lade den Firefox und surfe nur mit ihm http://www.firebird-browser.de/ Dann poste das Log noch mal. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 16.08.2004 um 23:40 Uhr von Sabina editiert.
|
|
|
|
|
17.08.2004, 03:59
...neu hier
Beiträge: 4 |
#22
hi sabina
Logfile of HijackThis v1.97.7 Scan saved at 03:55:32, on 17.08.2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe D:\Appz\Longhorn\3\Glass2k.exe C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Spybot - Search & Destroy\TeaTimer.exe C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe C:\WINDOWS\system32\RAMASST.exe C:\Programme\TGTSoft\StyleXP\StyleXP.exe C:\WINDOWS\System32\DVDRAMSV.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Programme\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\Mozilla Firefox\firefox.exe D:\Appz\Antivir\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [Glass2k] D:\Appz\Longhorn\3\Glass2k.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: StyleXP.lnk = C:\Programme\TGTSoft\StyleXP\StyleXP.exe O9 - Extra button: Yahoo! Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O16 - DPF: {1D168290-F3DF-4842-94C3-2862596771FB} (Yahoo! Fotos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3de.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab was für eine firewall/antivir-prog nutz du? mfg bambo |
|
|
|
|
17.08.2004, 10:43
Ehrenmitglied
Beiträge: 29434 |
#23
Hallo @Bambo
Das Log ist sauber  #Mircrosoft® warnt vor einer ernsthaften Sicherheitslücke des Internet-Explorer® (IE), der auf Windows-Systemen als Standard-Browser verwendet wird. Betroffen sind die Versionen IE 6 und IE 5.5 mit Service Pack 2 (SP2). Passwörter in Gefahr Angreifer können mit bestimmten Internet-Adressen "Cookies" von der Festplatte des Nutzers auslesen und manipulieren. Dadurch ist es auch möglich, an Passwörter und andere sicherheitsrelevante Informationen zu gelangen Sicherheits-Patch fertig Ein deutschsprachiger Patch, der dieses Sicherheitsloch stopfen soll, steht zum kostenlosen Download bereit. Der Patch ist nur für den Internet-Explorer® 5.5 mit eingespielten SP2 sowie den Internet- Explorer® 6.0 notwendig. * Patch für IE-Cookie-Verwaltung Erste Hilfe: Cookies abschalten Da die Cookies offensichtlich über ein im HTML-Quellcode verstecktes Skript ausgelesen werden, hatte sich Microsoft dazu durchgerungen, die Deaktivierung von Cookies über die Sicherheitseinstellungen in den Internet-Optionen zu empfehlen. http://www.edv-kahlert.de/news/ms_ie_sicherheitsloch.htm Deine Frage nach nuetzlichen Tools: #Adaware (free)...Spywarescanner..woechentlich updaten http://www.lavasoft.de/support/download/ #Ich benutze als Firewall <Sygate Pro< (ist kostenpflichtig), aber der normale Sygate< tut es auch. http://smb.sygate.com/products/spf_standard.htm Test (mit Sygate) http://scan.sygatetech.com/ #Lade den Firefox und surfe nur mit ihm (ist sicherer) http://www.firebird-browser.de/ mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 17.08.2004 um 10:53 Uhr von Sabina editiert.
|
|
|
|
|
18.08.2004, 14:25
...neu hier
Beiträge: 4 |
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
C:\WINDOWS\HOSTS
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
Logfile of HijackThis v1.97.7
Scan saved at 20:49:32, on 15.08.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Appz\Longhorn\3\Glass2k.exe
C:\Programme\Creative\PC-CAM Center\CAMTRAY.EXE
C:\Programme\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\explorer.exe
C:\WINDOWS\System32\msrexe.exe
C:\WINDOWS\system32\explorer.exe
C:\PROGRA~1\Save\Save.exe
C:\Programme\AVWin\AVGNT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\AVWin\AVGUARD.EXE
C:\Programme\AVWin\AVWUPSRV.EXE
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\fsbllsew.exe
C:\WINDOWS\system32\RAMASST.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\AVWin\GUARDGUI.EXE
D:\Appz\Antivir\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = wmplayer.exe //ICWLaunch
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - C:\PROGRA~1\LANGEN~1.0\Engine\mte\StdAlone\T1IE.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Glass2k] D:\Appz\Longhorn\3\Glass2k.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programme\Creative\PC-CAM Center\CAMTRAY.EXE
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Explorer] C:\WINDOWS\system32\explorer.exe
O4 - HKLM\..\Run: [System Service] C:\WINDOWS\System32\msrexe.exe
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [BearShare] "D:\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [Desksite CMA] C:\Programme\desksite\bin\cma.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVWin\AVGNT.EXE" /min
O4 - HKLM\..\Run: [AVWUpd32] "C:\PROGRA~1\AVWin\Avwupd32.EXE" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\PROGRA~1\XEMICO~1\ACTIVE~1\ADC.exe
O4 - HKCU\..\Run: [Rojkdma] C:\WINDOWS\System32\fsbllsew.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.xxxtoolbar.com
O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} - http://install.global-netcom.de/ieloader.cab
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-its:mhtml:file://c:\nosuch.mht!http://213.159.117.133/dl/adv90/x.chm::/load.exe
O16 - DPF: {1D168290-F3DF-4842-94C3-2862596771FB} (Yahoo! Fotos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3de.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
könnt ihr mir helfen
mfg bambo