(about blank seite)und weist auf Spyware hin |
||
---|---|---|
#0
| ||
22.08.2006, 13:51
Ehrenmitglied
Beiträge: 29434 |
||
|
||
22.08.2006, 13:52
Ehrenmitglied
Themenstarter Beiträge: 29434 |
#2
1.
poste folgendes Log http://virus-protect.org/artikel/tools/combofix.html 2. stelle den CleanUp genauso ein, wie hier angegeben: http://virus-protect.org/cleanup.html 3. Kopiere diese 4 Textdateien ab . (rechtsklick mit der Maus -> den Text markieren -> kopieren -> einfügen) Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab) http://virus-protect.org/datfindbat.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
23.08.2006, 12:57
...neu hier
Beiträge: 1 |
#3
Datentr„ger in Laufwerk C: ist WINXP
Volumeseriennummer: E457-6D2A Verzeichnis von C:\WINDOWS\system32 06-08-23 12:46 4,389 o6h19kve.ini 06-08-23 12:46 0 f5hdd6uu.html 06-08-23 12:45 2,206 wpa.dbl 06-08-23 01:30 25,296 BMXBkpCtrlState-{00000002-00000000-00000004-00001102-00000002-80651102}.rfx 06-08-23 01:30 25,296 BMXCtrlState-{00000002-00000000-00000004-00001102-00000002-80651102}.rfx 06-08-23 01:30 16,516 BMXState-{00000002-00000000-00000004-00001102-00000002-80651102}.rfx 06-08-23 01:30 16,516 BMXStateBkp-{00000002-00000000-00000004-00001102-00000002-80651102}.rfx 06-08-23 01:30 1,072 settingsbkup.sfm 06-08-23 01:30 1,072 settings.sfm 06-08-23 01:30 24 DVCStateBkp-{00000002-00000000-00000004-00001102-00000002-80651102}.dat 06-08-23 01:30 24 DVCState-{00000002-00000000-00000004-00001102-00000002-80651102}.dat 06-08-23 00:23 2,696 mju7s3gh.dat 06-08-22 18:41 6,656 0,518295049667358.exe 06-08-22 17:47 15,872 udpmod.dll 06-08-22 17:47 27,136 questmod.dll 06-08-22 17:47 12,288 jao.dll 06-08-22 17:47 26,368 bridge.dll 06-08-22 17:47 19,712 a.exe 06-08-22 17:47 31,488 runsrv32.exe 06-08-22 17:47 22,528 txfdb32.dll 06-08-22 17:47 20,736 runsrv32.dll 06-08-22 17:47 11,264 wstart.dll 06-08-22 17:47 15,104 tcpservice2.exe 06-08-22 17:47 28,160 dailytoolbar.dll 06-08-22 17:47 17,152 alxres.dll 06-08-22 09:38 6,444 mshtml32.tdb 06-08-22 09:38 0 lrf.dat 06-08-22 09:37 8 winlogon.ini 06-08-22 09:37 8 smaexp32.dll 06-08-18 18:19 1,024 winblsrv.dll 06-08-18 14:02 57,384 avsda.dll 06-08-17 14:50 2,953 CONFIG.NT 06-08-17 14:07 16 ns0avjco.dat 06-08-17 14:06 335,712 6mdvl0at.dat 06-08-17 14:06 1,856 q8smifnk.dat 06-08-09 21:03 8,325,544 MRT.exe 06-08-06 09:19 94,208 officescan.exe 06-08-06 09:19 11,268 smartdrv.exe 06-07-28 13:28 3,075,072 mshtml.dll 06-07-27 15:25 679,424 inetcomm.dll 06-07-25 22:33 615,936 urlmon.dll 06-07-21 10:29 72,704 hlink.dll 06-07-14 17:38 332,288 netapi32.dll 06-07-14 17:25 546,304 hhctrl.ocx 06-07-13 15:34 8,494,592 shell32.dll 06-07-12 18:16 380,486 perfh009.dat 06-07-12 18:16 52,900 perfc009.dat 06-07-12 18:16 391,330 perfh007.dat 06-07-12 18:16 63,778 perfc007.dat 06-07-12 18:16 897,954 PerfStringBackup.INI 06-07-05 12:55 1,057,792 kernel32.dll 06-06-28 13:24 420,421 o6h19kve.exe 06-06-28 11:49 159,805 g3i0pglt.dll 06-06-26 19:40 8,192 rasadhlp.dll 06-06-26 19:40 148,480 dnsapi.dll 06-06-26 08:18 41,984 8pm1cn6m.exe 06-06-23 13:10 664,576 wininet.dll 06-06-23 13:10 39,424 pngfilt.dll 06-06-23 13:10 146,432 msrating.dll 06-06-23 13:10 532,480 mstime.dll 06-06-23 13:10 448,512 mshtmled.dll 06-06-23 13:10 1,494,016 shdocvw.dll 06-06-23 13:10 474,624 shlwapi.dll 06-06-23 13:10 1,022,976 browseui.dll 06-06-23 13:10 251,392 iepeers.dll 06-06-23 13:10 205,312 dxtrans.dll 06-06-23 13:10 16,384 jsproxy.dll 06-06-23 13:10 1,056,256 danim.dll 06-06-23 13:10 357,888 dxtmsft.dll 06-06-23 13:10 96,768 inseng.dll 06-06-23 13:10 55,808 extmgr.dll 06-06-23 13:10 152,064 cdfview.dll 06-06-23 10:53 27,136 xpsp3res.dll 06-06-19 16:20 702,768 WgaLogon.dll 06-06-19 16:19 571,184 LegitCheckControl.dll 06-06-19 16:19 304,944 WgaTray.exe 06-06-01 20:47 27,648 jgpl400.dll 06-06-01 20:47 163,840 jgdw400.dll 06-05-27 16:18 200,936 FNTCACHE.DAT 06-05-27 14:04 25,941 NULL Datentr„ger in Laufwerk C: ist WINXP Volumeseriennummer: E457-6D2A Verzeichnis von C:\DOKUME~1\XP\LOKALE~1\Temp 06-01-23 15:36 429 datFind.bat 1 Datei(en) 429 Bytes 0 Verzeichnis(se), 998,055,936 Bytes frei Datentr„ger in Laufwerk C: ist WINXP Volumeseriennummer: E457-6D2A Verzeichnis von C:\WINDOWS 06-08-23 12:46 3,376,352 {00000002-00000000-00000004-00001102-00000002-80651102}.BAK 06-08-23 12:46 3,376,352 {00000002-00000000-00000004-00001102-00000002-80651102}.CDF 06-08-23 10:41 0 0.log 06-08-23 10:39 1,136,203 WindowsUpdate.log 06-08-23 10:39 159 wiadebug.log 06-08-23 10:39 50 wiaservc.log 06-08-23 10:38 2,048 bootstat.dat 06-08-23 01:30 32,618 SchedLgU.Txt 06-08-23 00:59 882 tsc.ini 06-08-23 00:25 1,937,629 tsc.ptn 06-08-23 00:25 176,709 tsc.exe 06-08-23 00:25 71,749 hcextoutput.dll 06-08-23 00:25 1,077,328 vsapi32.dll 06-08-23 00:25 86,094 BPMNT.dll 06-08-23 00:25 21,786,153 LPT$VPN.675 06-08-23 00:25 21,786,153 VPTNFILE.675 06-08-23 00:23 170 GetServer.ini 06-08-23 00:22 45,799 setupapi.log 06-08-23 00:22 507,904 TMUPDATE.DLL 06-08-23 00:22 69,689 UNZIP.DLL 06-08-23 00:22 286,720 PATCH.EXE 06-08-22 19:28 2,610 wmsetup.log 06-08-22 17:47 29,184 dlmax.dll 06-08-22 17:47 16,384 Pynix.dll 06-08-22 17:47 10,496 BTGrab.dll 06-08-22 17:47 24,832 ZServ.dll 06-08-22 17:47 28,160 susp.exe 06-08-22 17:47 28,416 alxtb1.dll 06-08-22 17:47 17,664 alxie328.dll 06-08-22 17:47 15,872 alexaie.dll 06-08-22 17:47 1,791 win_logo.gif 06-08-22 17:47 6,147 infected.gif 06-08-20 13:16 3,031 spyware_detected.gif 06-08-20 13:16 1,743 safe_and_trusted.gif 06-08-20 13:16 1,743 remove_spyware_header.gif 06-08-20 13:14 1,014 yellow_warning_ico.gif 06-08-20 13:14 1,472 red_warning_ico.gif 06-08-20 13:14 3,390 logo.gif 06-08-20 13:14 3,877 icon_warning_big.gif 06-08-20 13:14 15,618 free_scan_red_btn.gif 06-08-20 13:14 3,968 download_product.gif 06-08-20 13:14 1,230 download.gif 06-08-20 13:14 64 close_ico.gif 06-08-20 13:14 2,359 click_for_free_scan.gif 06-08-20 13:14 867 buy_now.gif 06-08-20 13:14 4,970 big_red_x.gif 06-08-20 13:08 12,192 product_box.gif 06-08-18 18:19 1,024 system32fab.exe 06-08-18 16:20 72 bg_bg.gif 06-08-17 17:11 196,865 comsetup.log 06-08-17 17:11 120,339 ntdtcsetup.log 06-08-17 17:11 87,406 iis6.log 06-08-17 17:11 222,987 tsoc.log 06-08-17 17:11 1,374 imsins.log 06-08-17 17:11 30,886 ocmsn.log 06-08-17 17:11 25,418 KB920214.log 06-08-17 17:11 286,054 ocgen.log 06-08-17 17:11 28,721 msgsocm.log 06-08-17 17:11 564,130 FaxSetup.log 06-08-17 17:11 1,374 imsins.BAK 06-08-17 17:11 25,176 KB921883.log 06-08-17 17:11 29,333 updspapi.log 06-08-17 17:11 24,990 KB922616.log 06-08-17 17:11 25,598 KB921398.log 06-08-17 17:10 28,841 KB918899.log 06-08-17 17:09 21,377 KB920670.log 06-08-17 17:09 21,534 KB917422.log 06-08-17 17:09 21,957 KB920683.log 06-08-07 17:16 7,608 WgaNotify.log 06-08-06 09:19 151 navibar_corner_right.gif 06-08-06 09:19 150 navibar_corner_left.gif 06-08-06 09:19 53 navibar_bg.gif 06-08-06 09:19 46 infected_top_bg.gif 06-07-25 19:46 101 CTRec.INI 06-07-20 17:09 2,106 vminst.log 06-07-12 14:34 11,840 KB917159.log 06-07-12 14:34 12,391 KB914388.log 06-07-12 14:33 10,506 KB916595.log 06-07-09 08:47 1,048,848 setupapi.log.0.old 06-06-26 08:19 76,800 gjkac70c.exe 06-06-17 11:37 35,489 spupdsvc.log 06-06-17 06:06 10,331 KB917734.log 06-06-17 06:05 14,223 KB918439.log 06-06-17 06:05 14,580 KB917344.log 06-06-17 06:05 14,257 KB917953.log 06-06-17 06:04 14,434 KB911280.log 06-06-17 06:04 17,685 KB916281.log 06-06-17 06:04 11,696 KB914389.log 06-06-08 15:50 963 spacer.gif' 06-05-27 16:17 1,454 COM+.log Datentr„ger in Laufwerk C: ist WINXP Volumeseriennummer: E457-6D2A Verzeichnis von C:\ 06-08-23 12:52 0 sys.txt 06-08-23 12:51 4,569 systemwindows.txt 06-08-23 12:51 11,093 system.txt 06-08-23 12:50 279 systemtemp.txt 06-08-23 12:49 4,263 system32.txt 06-08-23 12:46 0 palsound.txt 06-08-23 10:38 267,964,416 hiberfil.sys 06-08-23 10:38 402,653,184 pagefile.sys 06-08-20 17:36 12,365 WinZipErrorReportLog.Txt 06-05-27 16:16 191 TO_InstallLog.txt 06-05-23 20:40 2,021 TDSLCheck.txt 05-09-02 19:29 211 boot.ini 05-09-02 19:11 47,564 NTDETECT.COM 05-09-02 19:11 251,184 ntldr 05-05-24 16:20 90 LogiSetup.log 05-05-24 16:00 0 MSDOS.SYS 05-05-24 16:00 0 IO.SYS 05-05-24 16:00 0 CONFIG.SYS 05-05-24 16:00 0 AUTOEXEC.BAT 01-08-18 14:00 4,952 bootfont.bin 20 Datei(en) 670,956,382 Bytes 0 Verzeichnis(se), 998,031,360 Bytes frei |
|
|
||
23.08.2006, 13:02
Ehrenmitglied
Themenstarter Beiträge: 29434 |
#4
poste folgendes Log
http://virus-protect.org/artikel/tools/combofix.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
23.08.2006, 13:16
Ehrenmitglied
Themenstarter Beiträge: 29434 |
#5
Cehennem
1. arbeite ab : Qoofix 1.03 und Download Brute Force Uninstaller - und poste beide scanreporte http://virus-protect.org/artikel/tools/quofixhttp.html 2. Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein: Zitat registry keys to delete:Klicke die gruene Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten ** poste das log vom avenger, was nach neustart erscheint ** öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat O2 - BHO: (no name) - {00000000-59D4-4008-9058-080011001200} - (no file)PC neustarten ** scanne mit smitfraudfix - Option 1 und 2 und poste beide scanreporte http://virus-protect.org/artikel/tools/smitfrautfix.html ** poste noch mal die 4 logs von datfindbat zur ueberpruefung ** deinstalliere: Paltalk loesche: C:\Programme\Common Files\Paltalk + C:\Programme\Paltalk « __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
Zitat
__________
MfG Sabina
rund um die PC-Sicherheit