brave sentry, wie kann ichs entfernen?Thema ist geschlossen! |
||
---|---|---|
Thema ist geschlossen! |
||
#0
| ||
21.02.2007, 11:31
Ehrenmitglied
Beiträge: 29434 |
||
|
||
21.02.2007, 15:17
Member
Themenstarter Beiträge: 17 |
#17
Sophos:
Sophos Anti-Virus Version 4.14.0 [Win32/Intel] Virus data version 4.14, February 2007 Includes detection for 216979 viruses, trojans and worms Copyright (c) 1989-2007 Sophos Plc, www.sophos.com System time 14:46:49, System date 21 February 2007 Command line qualifiers are: -f -remove -nc -nb --stop-scan Password protected file C:\Dokumente und Einstellungen\Oliver\Eigene Dateien\ICQ Lite\151983165\milan_297610078\Fluidtechnik_20061024.pdf Password protected file C:\Dokumente und Einstellungen\Oliver\Eigene Dateien\ICQ Lite\151983165\milan_297610078\Fluidtechnik_20061212.pdf Could not check C:\flexlm\eds_id11 (virus scan failed) Could not check C:\I-DEAS11\Iona\OrbixE2A\var\MyDomain\dbs\config_rep\lock (virus scan failed) Could not check C:\I-DEAS11\Iona\OrbixE2A\var\MyDomain\dbs\locator\lock (virus scan failed) Could not check C:\I-DEAS11\Iona\OrbixE2A\var\MyDomain\dbs\locator_priv\lock (virus scan failed) Could not check C:\I-DEAS11\Iona\OrbixE2A\var\MyDomain\dbs\naming\lock (virus scan failed) Could not check C:\I-DEAS11\Iona\OrbixE2A\var\MyDomain\dbs\node_daemon\lock (virus scan failed) >>> Virus 'Troj/HideDl-B' found in file C:\System Volume Information\_restore{AF6FBF6E-5A95-41D2-8D89-8122E99FDEF1}\RP102\A0009420.dll Removal successful >>> Virus 'Troj/HideDl-B' found in file C:\System Volume Information\_restore{AF6FBF6E-5A95-41D2-8D89-8122E99FDEF1}\RP102\A0010434.dll Removal successful Could not open C:\WINDOWS\system32\drivers\sptd.sys Could not open C:\WINDOWS\system32\drivers\sptd4653.sys Password protected file D:\Adobe\Acrobat 7.0\Acrobat\WebSearch\WebSearchENU.pdf Password protected file D:\Adobe\Reader\Messages\DEU\RdrMsgDEU.pdf Password protected file D:\Adobe\Reader\Messages\DEU\read0600win_DEUyhoo0010.pdf Password protected file D:\Adobe\Reader\Messages\ENU\RdrMsgENU.pdf Password protected file D:\Adobe\Reader\Messages\ENU\read0600win_ENUyhoo0010.pdf Password protected file D:\Adobe\Reader\Messages\RdrMsgSplash.pdf Password protected file D:\Adobe\Reader\WebSearch\WebSearchENU.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo-u-3.7.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo-whfragen-2005-ss-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo-whfragen-2005-ws-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo--3.1.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo--3.2.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo--3.4.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo--3.5.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\bo--3.6.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap1\bo-1-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap2\bo-2.1-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap2\bo-2.2-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap2\bo-2.3-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap2\bo-2.4-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap3\bo-3.1-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap3\bo-3.2-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap3\bo-3.3-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap3\bo-3.4-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap3\bo-3.5-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap4\bo-4.1-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap4\bo-4.2-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap4\bo-4.3-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap4\bo-4.4-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Betriebsorganisation\Kap5\bo-5-2005-skr.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20060926.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20060928.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061010.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061024.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061031.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061107.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061109.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061121.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061130.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061212.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20061219.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20070109.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20070118.pdf Password protected file E:\FH-Bo&Studium\Fluidtechnik\Fluidtechnik_20070123.pdf 3 boot sectors swept. 33932 files swept in 28 minutes and 20 seconds. 54 errors were encountered. 2 viruses were discovered. 2 files out of 33932 were infected. Please send infected samples to Sophos for analysis. For advice consult www.sophos.com, email support@sophos.com or telephone +44 1235 559933 46 encrypted files were not checked. Ending Sophos Anti-Virus. Hijackthis: ------- Logfile of HijackThis v1.99.1 Scan saved at 15:18:12, on 21.02.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe D:\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe D:\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe D:\QuickTime\qttask.exe D:\D-Tools\daemon.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe D:\Winamp\winampa.exe C:\Programme\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\AntiVir PersonalEdition Classic\avguard.exe C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Gemeinsame Dateien\Teleca Shared\CapabilityManager.exe C:\Programme\ATI Technologies\ATI.ACE\CLI.exe C:\Programme\VIA\RAID\raid_tool.exe C:\I-DEAS11\sec\lmgrd.exe C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe D:\SolidWorks\Solid Works 2005 Crack\Solid Works 2005 crack\lmgrd.exe C:\I-DEAS11\sec\eds_id11.exe C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Programme\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe D:\SolidWorks\Solid Works 2005 Crack\Solid Works 2005 crack\SW_D.EXE C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Outlook Express\msimn.exe D:\hijackthis_199\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.rz.ruhr-uni-bochum.de/login.html O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [VirtualCloneDrive] "d:\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [WinampAgent] d:\Winamp\winampa.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Reader - Schnellstart.lnk = D:\Adobe\Reader\reader_sl.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Programme\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: AutoCAD-Startbeschleuniger.lnk = C:\Programme\Gemeinsame Dateien\Autodesk Shared\acstart16.exe O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programme\VIA\RAID\raid_tool.exe O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://D:\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\MICROS~1\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2\bin\npjpi142.dll O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: I-DEAS License Manager 11.0 - GLOBEtrotter Software Inc. - C:\I-DEAS11\sec\lmgrd.exe O23 - Service: IT iona_services.config_rep.olli cfr-MyDomain - Unknown owner - C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe" -ORBproduct_dir "C:\I-DEAS11\Iona\OrbixE2A" -ORBlicense_file "C:\I-DEAS11\Iona\OrbixE2A\licenses.txt" -ORBconfig_dir "C:\I-DEAS11\Iona\OrbixE2A\etc" -ORBconfig_domains_dir "C:\I-DEAS11\Iona\OrbixE2A\etc\domains" -ORBdomain_name cfr-MyDomain -ORBname iona_services.config_rep.olli -plugin=config_rep it_jump_start (file missing) O23 - Service: IT iona_services.locator.olli MyDomain - Unknown owner - C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe" -ORBproduct_dir "C:\I-DEAS11\Iona\OrbixE2A" -ORBlicense_file "C:\I-DEAS11\Iona\OrbixE2A\licenses.txt" -ORBconfig_dir "C:\I-DEAS11\Iona\OrbixE2A\etc" -ORBconfig_domains_dir "C:\I-DEAS11\Iona\OrbixE2A\etc\domains" -ORBdomain_name MyDomain -ORBname iona_services.locator.olli -plugin=locator it_jump_start (file missing) O23 - Service: IT iona_services.naming.olli MyDomain - Unknown owner - C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe" -ORBproduct_dir "C:\I-DEAS11\Iona\OrbixE2A" -ORBlicense_file "C:\I-DEAS11\Iona\OrbixE2A\licenses.txt" -ORBconfig_dir "C:\I-DEAS11\Iona\OrbixE2A\etc" -ORBconfig_domains_dir "C:\I-DEAS11\Iona\OrbixE2A\etc\domains" -ORBdomain_name MyDomain -ORBname iona_services.naming.olli -plugin=naming it_jump_start (file missing) O23 - Service: IT iona_services.node_daemon.olli MyDomain - Unknown owner - C:\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe" -ORBproduct_dir "C:\I-DEAS11\Iona\OrbixE2A" -ORBlicense_file "C:\I-DEAS11\Iona\OrbixE2A\licenses.txt" -ORBconfig_dir "C:\I-DEAS11\Iona\OrbixE2A\etc" -ORBconfig_domains_dir "C:\I-DEAS11\Iona\OrbixE2A\etc\domains" -ORBdomain_name MyDomain -ORBname iona_services.node_daemon.olli -plugin=node_daemon it_jump_start (file missing) O23 - Service: SolidWorks SolidNetWork License Manager - Macrovision Corporation - D:\SolidWorks\Solid Works 2005 Crack\Solid Works 2005 crack\lmgrd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe |
|
|
||
21.02.2007, 17:34
Ehrenmitglied
Beiträge: 29434 |
#18
soweit muesste wieder alles i.o sein
mache noch einen Onlinescan mit ewido oder Panda und poste den report http://virus-protect.org/onlinescan.html p.s: D:\SolidWorks\Solid Works 2005 Crack - solltest du deinstallieren ......... wenn man sieht, dass du den Rechner auch zum Arbeiten benoetigst, st es mir unverstaendlich, dass du dich auf Crack-Seiten rundrueckst - und denentsprechend den Rechner verseuchst __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
21.02.2007, 23:51
Member
Themenstarter Beiträge: 17 |
#19
der panda report:
Incident Status Location Adware:Adware/PestCapture Not disinfected C:\avenger\backup-21.02.2007-13.58.23,87.zip[avenger/BraveSentry/Uninstall.exe] Adware:Adware/BraveSentry Not disinfected C:\avenger\backup-21.02.2007-13.58.23,87.zip[avenger/kernels88.exe] Virus:Trj/Alanchum.RW Disinfected C:\avenger\backup-21.02.2007-13.58.23,87.zip[avenger/ma.exe.exe] Spyware:Cookie/Advertising Not disinfected C:\Dokumente und Einstellungen\Oliver\Cookies\oliver@advertising[2].txt Spyware:Cookie/Falkag Not disinfected C:\Dokumente und Einstellungen\Oliver\Cookies\oliver@as1.falkag[2].txt Spyware:Cookie/Atwola Not disinfected C:\Dokumente und Einstellungen\Oliver\Cookies\oliver@atwola[1].txt Spyware:Cookie/Mediaplex Not disinfected C:\Dokumente und Einstellungen\Oliver\Cookies\oliver@mediaplex[1].txt Spyware:Cookie/Statcounter Not disinfected C:\Dokumente und Einstellungen\Oliver\Cookies\oliver@statcounter[2].txt Potentially unwanted tool:Application/Processor Not disinfected C:\Dokumente und Einstellungen\Oliver\Desktop\SmitfraudFix\Process.exe Potentially unwanted tool:Application/Processor Not disinfected C:\Dokumente und Einstellungen\Oliver\Desktop\SmitfraudFix\SmitfraudFix\Process.exe Potentially unwanted tool:Application/Processor Not disinfected C:\Dokumente und Einstellungen\Oliver\Desktop\SmitfraudFix.zip[SmitfraudFix/Process.exe] Potentially unwanted tool:Application/Processor Not disinfected C:\SDFix\apps\Process.exe Adware:Adware/BraveSentry Not disinfected C:\SDFix\backups\backups.zip[backups/syst.exe] Potentially unwanted tool:Application/Processor Not disinfected C:\SDFix\SDFix.exe[SDFix\apps\Process.exe] Potentially unwanted tool:Application/Processor Not disinfected C:\SDFix.zip[SDFix.exe][SDFix\apps\Process.exe] Potentially unwanted tool:Application/Processor Not disinfected C:\SmitfraudFix\SmitfraudFix\Process.exe Potentially unwanted tool:Application/Processor Not disinfected C:\SmitfraudFix.zip[SmitfraudFix/Process.exe] Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe Hacktool:HackTool/CrackSearch.A Not disinfected D:\CrackSearcher.exe |
|
|
||
22.02.2007, 10:35
Ehrenmitglied
Beiträge: 29434 |
#20
wie gesagt, der rechner ist sauber .....
manuell loeschen + papierkorb leeren: C:\avenger\backup-21.02.2007-13.58.23,87.zip D:\CrackSearcher.exe __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
22.02.2007, 11:03
Member
Themenstarter Beiträge: 17 |
||
|
||
kopiere in den Avenger (ohne "Zitat" )
Zitat
2.gehe in die registry
Start - Ausfuehren - regedit
klicke dich durch zum Schluessel:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\
StandardProfile\AuthorizedApplications\List]
loesche:
"C:\\WINDOWS\\system32\\sm.exe"
"C:\\WINDOWS\\system32\\adirss.exe"
und starte den rechner neu..
------------------------------
3.
http://virus-protect.org/artikel/tools/sdfix.html
im Normalmodus
RunThis.bat doppelt klicken
reinschreiben: 3
3 : wird Sophos geladen - waehle 6 - scanne und poste den report
------------------------------
4.
poste das neue Log vom HijackThis
__________
MfG Sabina
rund um die PC-Sicherheit