Windows Security Center |
||
---|---|---|
#0
| ||
10.05.2006, 21:01
Honorary member
Posts: 29434 |
||
|
||
10.05.2006, 21:40
...new here
Posts: 10 |
#17
Hello,
for the online scan I have to download and install an ActiveX control. And when it does that, my avast pops up and tells me it is malware, and it stops it. Is that normal?? Regards |
|
|
||
11.05.2006, 10:35
Honorary member
Posts: 29434 |
||
|
||
11.06.2006, 11:43
...new here
Posts: 10 |
#19
Good morning, I have a problem with Spywaresheriff or something else. It seems not everything was deleted.
I'll post the HijackThis log and the rest. Regards
HijackThis:
Here is the datfind:
Regards
This post was edited by JJ1900 on 11.06.2006 at 11:53.
|
|
|
||
11.06.2006, 13:09
Honorary member
Posts: 29434 |
#20
JJ1900
Avenger http://virus-protect.org/artikel/tools/avenger.html
Copy in:
Quote
registry keys to delete:
Click the green traffic light; the script will now be executed, then the PC will restart automatically.
** Post the Avenger report that appears.
** C:\Program Files\SpywareSheriff -> uninstall...delete
** smitfraudfix http://virus-protect.org/artikel/tools/smitfrautfix.html
. Double-click smitfraudfix.cmd
. Type: 1 (a report of the infected files is created) -> post it here
. Double-click smitfraudfix.cmd
. Type: 2
. To the question "Voulez-vous nettoyer le registre ?" answer: o [o/n]
, if it is found that the file wininet.dll is infected, answer the question "Corriger le fichier infecté ?" with o [o/n]
The taskbar disappears + screen..everything will turn blue...wait...
when the scan has finished
** Post all logs from completbat (preferably as an attachment...see below) http://virus-protect.org/completbat.html
__________
Regards
Sabina
all about PC security |
|
|
||
11.06.2006, 14:37
...new here
Posts: 10 |
#21
So here is the report from Avenger; it couldn't delete a few files!!
SmitFraudFix: |
|
|
||
11.06.2006, 15:18
Honorary member
Posts: 29434 |
#22
Copy into Avenger:
Quote
registry keys to delete:
Post the log after the restart.
** Post the 4 logs from datfindbat again.
** Copy the following text into Notepad (Start - Accessories - Notepad) and save it as listen.bat on the desktop using 'Save as'. For file type, select 'All files'. You should now find this file on the desktop. --> double-click listen.bat --> copy the text that appears
Quote
cd\
__________
Regards
Sabina
all about PC security |
|
|
||
11.06.2006, 22:57
...new here
Posts: 10 |
#23
Avenger did not find the file!?
Here is datfindbat:
Here is listen.bat:
And how does it look now?? Regards |
|
|
||
11.06.2006, 23:44
Honorary member
Posts: 29434 |
#24
Copy into Avenger:
Quote
Files to delete:
Click the green traffic light, restart the PC, post the report + the 4 logs from datfindbat again
__________
Regards
Sabina
all about PC security |
|
|
||
11.06.2006, 23:55
...new here
Posts: 10 |
#25
Here is Avenger:
Datfind:
And how does it look?? Regards
PS: I could not uninstall/delete Spywaresheriff; the entry was not there. |
|
|
||
12.06.2006, 00:55
Honorary member
Posts: 29434 |
#26
1. My Computer --> right-click, then Properties ---> System Restore tab ---> tick "Turn off System Restore on all drives".
2. Scan with Kaspersky and then with Panda http://virus-protect.org/onlinescan.html and post both scan reports
__________
Regards
Sabina
all about PC security |
|
|
||
12.06.2006, 15:22
...new here
Posts: 4 |
#27
Hello
Unfortunately I have the same problem with this spyware stuff! I have already tried quite a few things but couldn't get rid of it. Maybe you can help me. I'll post everything you need (I hope that's everything)!
HijackThis report:
And then the datfind as well:
04.06.2005 09:08 344.064 msvcr70.dll 04.04.2005 19:00 393.216 NI_IRC_1_0_3.dll dann nach klicken in datafind: Datentr„ger in Laufwerk C: ist system Volumeseriennummer: BCBD-6E48 Verzeichnis von C:\DOKUME~1\DrPalf\LOKALE~1\Temp 12.06.2006 15:14 16.384 ~DF8A94.tmp 12.06.2006 15:14 593 LVCOMSX.LOG 12.06.2006 14:39 32.768 ~DFBF63.tmp 12.06.2006 14:20 16.384 ~DF15FC.tmp 12.06.2006 14:20 16.384 ~DF100D.tmp 5 Datei(en) 82.513 Bytes 0 Verzeichnis(se), 6.467.850.240 Bytes frei dann noch mal geklickt: Datentr„ger in Laufwerk C: ist system Volumeseriennummer: BCBD-6E48 Verzeichnis von C:\WINDOWS 12.06.2006 14:17 50 wiaservc.log 12.06.2006 14:17 159 wiadebug.log 12.06.2006 14:17 0 0.log 12.06.2006 14:17 2.048 bootstat.dat 12.06.2006 01:08 19.200 ZServ.dll 11.06.2006 23:21 134.994 ntbtlog.txt 11.06.2006 18:58 155 winamp.ini 11.06.2006 18:54 49 spacer.gif 11.06.2006 18:52 283 x.gif 11.06.2006 18:52 1.791 win_logo.gif 11.06.2006 18:52 3.877 warning_icon.gif 11.06.2006 18:52 291 v.gif 11.06.2006 18:52 2.374 ts_header.gif 11.06.2006 18:52 688 ts.gif 11.06.2006 18:52 550 star_small.gif 11.06.2006 18:52 223 star_gray_small.gif 11.06.2006 18:52 425 star_gray.gif 11.06.2006 18:52 6.399 spyware-detected.gif 11.06.2006 18:52 963 spacer.gif' 11.06.2006 18:52 53 sep_vert.gif 11.06.2006 18:52 65 sep_hor.gif 11.06.2006 18:52 6.695 security_center_caption.gif 11.06.2006 18:52 10.809 security-center-logo.gif 11.06.2006 18:52 177 security-center-bg.gif 11.06.2006 18:52 2.735 scan_btn.gif 11.06.2006 18:52 2.271 rf_header.gif 11.06.2006 18:52 611 rf.gif 11.06.2006 18:52 215 main_back.gif 11.06.2006 18:52 11.077 header_4.gif 11.06.2006 18:51 10.193 header_3.gif 11.06.2006 18:51 15.421 header_2.gif 11.06.2006 18:51 25.023 header_1.gif 11.06.2006 18:51 2.922 footer_back.jpg 11.06.2006 18:51 2.306 footer_back.gif 11.06.2006 18:51 592 features.gif 11.06.2006 18:51 2.238 download_box.gif 11.06.2006 18:51 2.067 button_freescan.gif 11.06.2006 18:51 1.682 button_buynow.gif 11.06.2006 18:51 11.602 
box_3.gif 11.06.2006 18:51 12.019 box_2.gif 11.06.2006 18:51 5.741 box_1.gif 11.06.2006 18:51 72 bg.gif 11.06.2006 18:51 2.695 as_header.gif 11.06.2006 18:51 847 as.gif 11.06.2006 18:51 372 about_spyware_bottom.gif 11.06.2006 18:51 110 about_spyware_bg.gif 10.06.2006 20:10 671.481 setupapi.log 10.06.2006 20:10 67.370 Windows Update.log 10.06.2006 16:52 54.156 QTFont.qfn 09.06.2006 12:57 1.409 QTFont.for 22.05.2006 13:32 174.804 setupact.log 20.05.2006 20:20 8.192 dlmax.dll 20.05.2006 20:20 8.192 Pynix.dll 20.05.2006 20:20 8.192 BTGrab.dll 20.05.2006 20:20 8.192 susp.exe 20.05.2006 20:20 8.192 alxtb1.dll 20.05.2006 20:20 8.192 alxie328.dll 20.05.2006 20:20 8.192 alexaie.dll 20.05.2006 19:57 10.809 win-sec-center-logo.gif 20.05.2006 19:57 1.014 warning-bar-ico.gif 20.05.2006 19:57 6.575 remove-spyware-btn.gif 20.05.2006 19:57 64 close-bar.gif 20.05.2006 19:57 177 blue-bg.gif 20.05.2006 19:57 545 yes-icon.gif 20.05.2006 19:57 2.400 windows-compatible.gif 20.05.2006 19:57 985 true-stories.gif 20.05.2006 19:57 196 star.gif 20.05.2006 19:56 127 star-grey.gif 20.05.2006 19:56 10.829 spyware-sheriff-header.gif 20.05.2006 19:56 18.610 spyware-sheriff-box.gif 20.05.2006 19:56 104 no-icon.gif 20.05.2006 19:56 7.627 info.gif 20.05.2006 19:56 7.679 infected.gif 20.05.2006 19:56 352 header-bg.gif 20.05.2006 19:56 1.028 h-line-gradient.gif 20.05.2006 19:56 2.361 free-scan-btn.gif 20.05.2006 19:56 803 footer.gif 20.05.2006 19:56 1.470 facts.gif 20.05.2006 19:56 119 corner-right.gif 20.05.2006 19:56 119 corner-left.gif 20.05.2006 19:56 2.151 buy-now-btn.gif 20.05.2006 19:56 3.808 antispylab-logo.gif 20.05.2006 19:56 9.977 adware-sheriff-header.gif 20.05.2006 19:56 18.600 adware-sheriff-box.gif 17.05.2006 13:14 44.786 Logic 5.prf 17.05.2006 11:55 703 win.ini 14.05.2006 23:24 62.417 wmsetup.log 06.04.2006 14:41 754 WORDPAD.INI 04.03.2006 02:13 153.447 SetupWLD.log 21.02.2006 16:17 264 _delis32.ini 11.01.2006 01:59 22.905 comsetup.log 11.01.2006 01:59 13.704 ntdtcsetup.log 11.01.2006 
01:59 116.588 iis6.log 11.01.2006 01:59 25.040 tsoc.log 11.01.2006 01:59 4.566 imsins.log 11.01.2006 01:59 3.447 ocmsn.log 11.01.2006 01:59 35.653 ocgen.log 11.01.2006 01:59 2.287 msgsocm.log 11.01.2006 01:59 32.065 FaxSetup.log 11.01.2006 01:59 28.276 msmqinst.log 01.12.2005 22:27 3.869 imsins.BAK 14.11.2005 03:32 598 EventSystem.log 12.11.2005 19:19 4.493 mozver.dat 07.10.2005 01:25 99.970 UninstallFirefox.exe 06.10.2005 22:38 621 chipset.log 06.10.2005 20:36 239 wmsetup10.log 06.10.2005 20:35 316.640 WMSysPr9.prx 06.10.2005 20:10 0 nsreg.dat 06.10.2005 20:07 558 SchedLgU.Txt 06.10.2005 19:46 410 nsw.log 06.10.2005 19:07 0 Sti_Trace.log 06.10.2005 19:04 1.348 regopt.log 06.10.2005 19:04 231 system.ini 06.10.2005 18:37 820 OEWABLog.txt 06.10.2005 18:36 713.844 setuplog.txt 06.10.2005 18:22 8.192 REGLOCS.OLD 06.10.2005 18:21 1.246 setuperr.log 06.10.2005 18:18 0 control.ini 06.10.2005 18:18 299.552 WMSysPrx.prx 06.10.2005 18:18 4.161 ODBCINST.INI 06.10.2005 18:17 749 WindowsShell.Manifest 06.10.2005 18:15 1.060 sessmgr.setup.log 06.10.2005 18:15 37 vbaddin.ini 06.10.2005 18:15 36 vb.ini und noch einmal: Datentr„ger in Laufwerk C: ist system Volumeseriennummer: BCBD-6E48 Verzeichnis von C:\ 12.06.2006 15:20 0 sys.txt 12.06.2006 15:19 8.517 system.txt 12.06.2006 15:17 482 systemtemp.txt 12.06.2006 15:09 98.037 system32.txt 12.06.2006 14:17 780.140.544 pagefile.sys 06.10.2005 18:18 0 IO.SYS 06.10.2005 18:18 0 CONFIG.SYS 06.10.2005 18:18 0 AUTOEXEC.BAT 06.10.2005 18:18 0 MSDOS.SYS 9 Datei(en) 780.247.580 Bytes 0 Verzeichnis(se), 6.467.837.952 Bytes frei So hoffe das war alles und man kann damit was anfangen. und vielen vielen dank für den der sich mir an nimmt! Gruß Rafael |
|
|
||
12.06.2006, 15:37
Honorary member
Posts: 29434 |
#28
DrPalf
Open HijackThis -- button "Scan" -- tick the boxes in front of the malware entries -- button "Fix checked" -- restart the PC
Quote: O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)
Restart the PC
Avenger http://virus-protect.org/artikel/tools/avenger.html
Copy in:
Quote: Files to delete:
Click the green traffic light. The script will now be executed, then the PC will restart automatically.
** Post the Avenger log that appears
** My Computer --> right-click, then Properties ---> System Restore tab ---> tick "Turn off System Restore on all drives". (Then turn it back on.)
** Scan with Kaspersky and then with Panda and post the scan reports http://virus-protect.org/onlinescan.html
** Post the 4 logs from datfindbat again
__________
Kind regards, Sabina
All about PC security |
|
|
||
12.06.2006, 16:29
...new here
Posts: 4 |
#29
So,
in the meantime I had already worked with SmitfraudFix, and that had solved my problem, only afterwards I had a blue desktop background. About that I had found out that it is down to SmitfraudFix, because that way you catch something new and have to buy the full version. Whether that is actually true?? But I have also done what you wrote. The reports:
Avenger:
I'll post the rest shortly, one moment.
I got the System Restore part done, the rest is still scanning.
This post was edited by DrPalf on 12.06.2006 at 16:45.
|
|
|
||
12.06.2006, 16:46
Honorary member
Posts: 29434 |
#30
DrPalf
Post the two scan reports + please also post the 4 logs from datfindbat once more. (And you can set your background again.)
__________
Kind regards, Sabina
All about PC security |
|
|
||
You can also run an online scan with Panda and Trend Micro Anti-Spyware for the Web + report back
http://virus-protect.org/onlinescan.html
__________
Kind regards, Sabina
All about PC security