Problems with virus alert

08.08.2006, 17:47
Member
Posts: 12
#1
Hello. I keep getting a virus alert displayed. I have also searched this forum for it and did what was recommended to the others. But it still won't go away. What can I do? It would be nice if you could help me.

08.08.2006, 18:09
Moderator
Posts: 7805
#2
So have you used SmitfraudFix?
http://siri.geekstogo.com/SmitfraudFix_De.php
If so, then post this information: http://board.protecus.de/t23188.htm
__________
Regards, Ralf
SEO-Spam Hunter

08.08.2006, 18:14
Member
Thread starter, Posts: 12
#3
I've already tried all of that; the F8 thing doesn't work for me. None of that comes up.
Logfile of HijackThis v1.99.1
Scan saved at 18:17:59, on 08.08.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
This post was edited on 08.08.2006 at 19:07 by Thomas s.

09.08.2006, 01:10
Honorary member
Posts: 29434
#4
Set up CleanUp exactly as described here:
http://virus-protect.org/cleanup.html
Copy these 4 text files (right-click with the mouse -> select the text -> copy -> paste). They are sorted by date (copy only the last 3 months).
http://virus-protect.org/datfindbat.html
__________
Regards, Sabina
All about PC security

09.08.2006, 11:23
Member
Thread starter, Posts: 12
#5
Thanks for the help so far.
And what do I have to do now?
This post was edited on 09.08.2006 at 12:32 by Thomas s.

09.08.2006, 12:48
Honorary member
Posts: 29434
#6
1. Go into the registry:
Start - Run - regedit
Edit - Find - bestreak
bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} -> delete

2. spyfalcon.zip -> http://virus-protect.org/zip/spyfalcon.zip -> unpack on the desktop -> spyfalcon.reg -> double-click and add it to the registry with "ja/yes"

3. Avenger
http://virus-protect.org/artikel/tools/avenger.html
Paste in:
Quote: Files to delete:
Click the green traffic light. The script will now be executed, then the PC will restart automatically.
***** Post the Avenger log that appears.
--------------------------------------------------------------------------------------
Open HijackThis -- "scan" button -- tick the boxes in front of the entries -- "Fix checked" button -- restart the PC
Quote: O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)
_____________________________________________________________________________
** Post the 4 logs from datfindbat again (back to April 2006), because I have not yet been able to capture all the viruses; you posted too little data.
** Copy the following text into Notepad (Start - Accessories - Notepad) and save it on the desktop as listen.bat using 'Save as'. Specify 'All files' as the file type. You should now find this file on the desktop. --> double-click listen.bat --> copy the text that appears
Quote: cd\
__________
Regards, Sabina
All about PC security

09.08.2006, 13:35
Member
Thread starter, Posts: 12
#7
Logfile of The Avenger version 1, by Swandog46
Thanks for the help. Everything is fine again.
This post was edited on 09.08.2006 at 13:49 by Thomas s.

09.08.2006, 14:25
Honorary member
Posts: 29434
#8
I don't think everything is fine again; please work through all the remaining steps if you want a reasonably clean computer...
__________
Regards, Sabina
All about PC security
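
Whether an Avenger run like the one in post #7 removed everything it was told to can be checked from the log itself. The following Python is an added example, not part of the thread and not code from the Avenger author: it separates deleted files from failed script lines, decodes the NTSTATUS code, and flags paths where a file-size column from a directory listing was pasted in front of the file name. The sample log is constructed; the message wording follows the Avenger log posted in this thread, and one message per line is an assumption (text with lost line breaks is handled too).

```python
import ntpath
import re
from collections import namedtuple

# Documented Windows NTSTATUS values relevant to a failed delete.
NTSTATUS = {
    0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND",
    0xC000003A: "STATUS_OBJECT_PATH_NOT_FOUND",
    0xC0000022: "STATUS_ACCESS_DENIED",
    0xC0000043: "STATUS_SHARING_VIOLATION",
}
NOT_FOUND = {0xC0000034, 0xC000003A}

Entry = namedtuple("Entry", "path deleted status")

# Message starts, so the log can be split whether or not line breaks survived.
MSG_START = re.compile(
    r"File [A-Za-z]:\\|Deletion of file |Could not process line:|Status: 0x")
DELETED = re.compile(r"^File (.+?) deleted successfully\.")
FAILED = re.compile(r"^Could not process line: ?(.+)$")
STATUS = re.compile(r"^Status: (0x[0-9a-fA-F]+)")
# Heuristic: a size such as "4.096 " (German thousands separator) glued
# in front of the file name, copied along from a directory listing.
SIZE_PREFIX = re.compile(r"^\d{1,3}(?:\.\d{3})* (?=\S)")


def split_messages(text):
    """Cut the log at each message start and normalise whitespace."""
    starts = [m.start() for m in MSG_START.finditer(text)] + [len(text)]
    return [" ".join(text[a:b].split()) for a, b in zip(starts, starts[1:])]


def parse_avenger_log(text):
    """Return one Entry per script line that was deleted or failed."""
    entries, pending = [], None
    for msg in split_messages(text):
        m = DELETED.match(msg)
        if m:
            entries.append(Entry(m.group(1), True, None))
        elif FAILED.match(msg):
            pending = FAILED.match(msg).group(1)
        elif STATUS.match(msg) and pending is not None:
            code = int(STATUS.match(msg).group(1), 16)
            entries.append(Entry(pending, False, code))
            pending = None
    return entries


def follow_ups(entries):
    """List (path, status name, reason) for everything needing a re-check."""
    deleted = {e.path.lower() for e in entries if e.deleted}
    todo = []
    for e in entries:
        if e.deleted:
            continue
        status = NTSTATUS.get(e.status, hex(e.status))
        folder, name = ntpath.split(e.path)
        fixed = SIZE_PREFIX.sub("", name)
        if fixed != name:
            # The script line named a file that never existed; the intended
            # file was not attempted unless another line deleted it.
            target = ntpath.join(folder, fixed)
            if target.lower() not in deleted:
                todo.append((target, status,
                             "size column pasted into path; file never targeted"))
        elif e.status in NOT_FOUND:
            todo.append((e.path, status,
                         "absent or mistyped; confirm with a fresh listing"))
        else:
            todo.append((e.path, status, "still present; deletion was blocked"))
    return todo


# Constructed sample in the Avenger log format (file names are placeholders).
SAMPLE_LOG = r"""
Logfile of The Avenger version 1, by Swandog46
Beginning to process script file:
File C:\WINDOWS\system32\sample_a.dll deleted successfully.
File C:\WINDOWS\sample_1.gif deleted successfully.
File C:\WINDOWS\4.096 sample_2.gif not found!
Deletion of file C:\WINDOWS\4.096 sample_2.gif failed!
Could not process line:
C:\WINDOWS\4.096 sample_2.gif
Status: 0xc0000034
File C:\WINDOWS\TEMP\sample_b.exe not found!
Deletion of file C:\WINDOWS\TEMP\sample_b.exe failed!
Could not process line:
C:\WINDOWS\TEMP\sample_b.exe
Status: 0xc0000034
Completed script processing.
"""

if __name__ == "__main__":
    parsed = parse_avenger_log(SAMPLE_LOG)
    print(sum(e.deleted for e in parsed), "deleted,",
          sum(not e.deleted for e in parsed), "failed")
    for path, status, reason in follow_ups(parsed):
        print(f"re-check {path}: {status} ({reason})")
```

A "not found" status only says the named path did not exist when the script ran, so every path this returns still needs a fresh directory listing before the machine is treated as clean.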