Wininet.dll Problem

#1 Erster Scan mit ActiveScan von Panda

Incident Status Location

Virus:Trj/Zhenya.A Disinfected Operating system
Adware:adware/azesearch No disinfected C:\WINDOWS\SYSTEM\ZOLKER011.DLL
Adware:Adware/Bondreal No disinfected C:\WINDOWS\SYSTEM\PERFORMENT011.DLL
Spyware:spyware/smitfraud No disinfected C:\WINDOWS\SYSTEM\OLEEXT.DLL
Virus:W32/Smitfraud.D Disinfected Operating system
Adware:adware/adsmart No disinfected C:\WINDOWS\TEMP\pi.sys
Adware:adware/psguard No disinfected C:\WINDOWS\TEMP\PSGuardInstall.exe
Adware:adware/azesearch No disinfected C:\WINDOWS\ALL USERS\DESKTOP\Mp3 Download.url
Adware:adware/cws.searchmeup No disinfected C:\WINDOWS\ALL USERS\DESKTOP\Spyware Remover.url
Adware:adware/popuper No disinfected C:\WINDOWS\ALL USERS\DESKTOP\Online Dating.url
Spyware:spyware/smitfraud No disinfected C:\WINDOWS\SYSTEM\oleext.dll
Adware:adware/antivirus-gold No disinfected C:\WINDOWS\desktop.html
Adware:adware program No disinfected C:\WINDOWS\flag.bla
Adware:adware/block-checker No disinfected Windows Registry
Virus:Trj/Zhenya.A Disinfected C:\WINDOWS\SYSTEM\3200.TMP
Virus:Trj/Zhenya.A Disinfected C:\WINDOWS\SYSTEM\birdihuy32.dll
Virus:W32/Smitfraud.D Disinfected C:\WINDOWS\SYSTEM\WININET.DLL
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\SYSTEM\9179357.exe
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\SYSTEM\ztoolb011.dll
Adware:Adware/Bondreal No disinfected C:\WINDOWS\SYSTEM\performent011.dll
Adware:Adware/Tubby No disinfected C:\WINDOWS\SYSTEM\972134.exe
Adware:Adware/CWS.Searchmeup No disinfected C:\WINDOWS\SYSTEM32\svcnvt.exe
Adware:Adware/Startpage.AJF No disinfected C:\WINDOWS\SYSTEM32\shdocnvt.dll
Adware:Adware/Tubby No disinfected C:\WINDOWS\Local Settings\Temporary Internet Files\Content.IE5\WXMTUDKF\001[1].exe
Adware:Adware/Bondreal No disinfected C:\WINDOWS\Local Settings\Temporary Internet Files\Content.IE5\7QIJTXAT\26[1].exe
Adware:Adware/Tubby No disinfected C:\WINDOWS\Local Settings\Temporary Internet Files\Content.IE5\7QIJTXAT\001[1].exe
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\Local Settings\Temporary Internet Files\Content.IE5\XYZ0ATC4\loadppc[1].exe
Adware:Adware/Bondreal No disinfected C:\Hijack This\backups\backup-20051002-232410-811.dll


eScan gibt an Infected!

ma okt 03 00:00:53 2005 => C:\WINDOWS\desktop.html File Infected with "not-virus:Hoax.Win32.Aflac.a". Action Taken: File renamed!
ma okt 03 00:06:22 2005 => C:\WINDOWS\SYSTEM\birdihuy32.dll File Infected with "Trojan-Proxy.Win32.Small.ct". (De toegang is geweigerd)Unable to delete infected file. Virus could not be removed!
ma okt 03 00:06:23 2005 => C:\WINDOWS\SYSTEM\oleext.dll File Infected with "Virus.Win32.Nsag.b". (De toegang is geweigerd)Unable to rename infected file. Virus could not be removed!
ma okt 03 00:06:24 2005 => C:\WINDOWS\SYSTEM\WININET.DLL File Infected with "Virus.Win32.Nsag.b". (De toegang is geweigerd)Unable to rename infected file. Virus could not be removed!
ma okt 03 00:06:24 2005 => C:\WINDOWS\SYSTEM\intell32.exe File Infected with "Virus.Win32.Nsag.b". Action Taken: File renamed!
ma okt 03 00:06:25 2005 => Result: File C:\WINDOWS\SYSTEM\9179357.exe with not-a-virus:AdWare.Win32.Zbar.h No Action Taken!
ma okt 03 00:06:27 2005 => Result: File C:\WINDOWS\SYSTEM\ztoolb011.dll with not-a-virus:AdWare.Win32.Zbar.h No Action Taken!
ma okt 03 00:06:32 2005 => C:\WINDOWS\SYSTEM\971029.exe File Infected with "Trojan-Clicker.Win32.Small.hz". Action Taken: File deleted!
ma okt 03 00:06:34 2005 => C:\WINDOWS\SYSTEM\972134.exe File Infected with "Trojan-Clicker.Win32.Small.hp". Action Taken: File deleted!
ma okt 03 00:09:37 2005 => C:\WINDOWS\SYSTEM32\svcnvt.exe File Infected with "Trojan-Downloader.Win32.Delf.ks". Action Taken: File deleted!
ma okt 03 00:22:37 2005 => Result: File C:\Program Files\P.S.Guard\database.pkg not Scanned. Possibly password protected...

SmitRem gibt an Infected!

smitRem log file
version 2.3

by noahdfear


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run Files Present


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system folder ~~~


oleext.dll


~~~ Icons in system folder ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~~ wininet.dll ~~~~

wininet.dll Present!!


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Post-run Files Present


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system folder ~~~


oleext.dll


~~~ Icons in system folder ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~~ wininet.dll ~~~~

wininet.dll INFECTED!!

Jotti gibt an Infected!

File: Wininet.dll
Status: INFECTED/MALWARE
MD5 4889a5cfa463f39cbd1b3a338c71f7f2
Packers detected: -
Scanner results
AntiVir Found W32/Nsag.B
ArcaVir Found Trojan.Callgate.Oleadm.3
Avast Found Win32:Nsag-B
AVG Antivirus Found Win32/Nsag
BitDefender Found Trojan.WininetHook.A
ClamAV Found W32.Nsag.B
Dr.Web Found Trojan.DownLoader.2636
F-Prot Antivirus Found W32/Oleadm.B
Fortinet Found nothing
Kaspersky Anti-Virus Found Virus.Win32.Nsag.b
NOD32 Found Win32/Oleloa.gen
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found Virus.Win32.Nsag

Zweiter Scan bei Panda

Incident Status Location

Virus:Trj/Zhenya.A Disinfected C:\WINDOWS\SYSTEM\birdihuy32.dll
Spyware:spyware/smitfraud No disinfected C:\WINDOWS\SYSTEM\oleext.dll
Virus:W32/Smitfraud.D Disinfected C:\WINDOWS\SYSTEM\WININET.DLL
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\SYSTEM\9179357.exe
Adware:adware/azesearch No disinfected C:\WINDOWS\SYSTEM\zolker011.dll
Adware:Adware/AzeSearch No disinfected C:\WINDOWS\SYSTEM\ztoolb011.dll
Adware:Adware/Bondreal No disinfected C:\WINDOWS\SYSTEM\performent011.dll
Adware:Adware/Startpage.AJF No disinfected C:\WINDOWS\SYSTEM32\shdocnvt.dll
Adware:adware/cws.searchmeup No disinfected C:\WINDOWS\All Users\Desktop\Spyware Remover.url
Adware:adware/adsmart No disinfected C:\WINDOWS\TEMP\pi.sys
Adware:Adware/Bondreal No disinfected C:\Hijack This\backups\backup-20051002-232410-811.dll
Wer begreift es noch?
__________
MfG Argus