How do I get rid of BOO/Sinowal.d?
#0
25.08.2009, 16:46
...new here
Posts: 5
26.08.2009, 01:16
Moderator
Posts: 5694
#2
Hello, and sorry for the late reply.
Work through the link in my signature first, then we will see what can be done, although it should be mentioned that an infected MBR is not exactly ideal. If you do e-banking, refrain from it for now.
Regards, Swiss
26.08.2009, 13:20
...new here
Thread starter Posts: 5
#3
Thanks for the tip:
Malwarebytes log
Quote: Malwarebytes' Anti-Malware 1.40
GMER report
GMER 1.0.15.15077 [ih42v7q8.exe] - http://www.gmer.net
Rootkit scan 2009-08-26 13:20:09
Windows 5.1.2600 Service Pack 3
HijackThis log:
Quote: Logfile of Trend Micro HijackThis v2.0.2
Uninstall list:
Quote: 2007 Microsoft Office Suite Service Pack 1 (SP1)
26.08.2009, 20:08
Moderator
Posts: 5694
#4
>>
Close all windows and start HijackThis.
Click: Do a system scan only
Tick the box in front of the following entries (if they are still present):
Quote:
R3 - URLSearchHook: (no name) - - (no file)
and choose Fix checked. Restart the computer.
>> Download ToolbarSD to the desktop
For Windows XP and Vista only
Double-click ToolBarSD.exe
Type D, press Enter and click OK on the pop-up
Choose 1, press Enter
At the end a log appears (C:\TB.txt); post its contents in the thread
Start ToolbarSD again
Type D, press Enter and click OK on the pop-up
Choose 2, press Enter
At the end a log appears (C:\TB.txt); post its contents in the thread
>> Run an online scan with Bitdefender and post the log: http://virus-protect.org/artikel/tools/bitdefender.html
Regards, Swiss
26.08.2009, 20:56
...new here
Thread starter Posts: 5
#5
-----------\\ ToolBar S&D 1.2.9 XP/Vista
26.08.2009, 20:58
...new here
Thread starter Posts: 5
#6
-----------\\ ToolBar S&D 1.2.9 XP/Vista
27.08.2009, 11:41
Moderator
Posts: 5694
27.08.2009, 13:59
...new here
Thread starter Posts: 5
#8
BitDefender Online Scanner - Echtzeit-Virenmeldung
Erstellt am: Thu, Aug 27, 2009 - 13:58:26
Prüf-Info
Geprüfte Dateien 111965
Infizierte Dateien 0
Erkannte Viren
Keine Viren gefunden
Diese Zusammenfassung des Prüfvorgangs wird vom BitDefender Virus Labor dazu verwendet detaillierte Berichte über die weltweite Aktivität von Viren zu erstellen.
28.08.2009, 00:28
Moderator
Posts: 5694
#9
Do the following:
Copy the following text into Notepad (Start - Accessories - Notepad) and save it to the desktop as fix.bat using 'Save As'. Select 'All Files' as the file type. You should now find this file on the desktop.
Quote:
mbr.exe -f
Double-click fix.bat
A log is created (mbr.log); post its contents in your reply
>> SDFix
http://virus-protect.org/artikel/tools/sdfix.html
The SDFix folder can now be found under C:\
Boot into safe mode (press the F8 key while the computer restarts)
Go to the folder C:\SDFix
Double-click RunThis.bat
Follow all instructions while it scans; the computer will then restart
Right-click to copy the text that appears and paste it into your reply
Regards, Swiss
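To confirm the state of the boot sector after an MBR repair such as the one requested in the post above, sector 0 can be inspected offline. The following Python is an added example, not part of the thread or of any tool named in it; it assumes a 512-byte dump of sector 0 taken from a trusted boot environment and a baseline hash recorded from a known-good state, and its sample sectors are constructed.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440     # bytes 0..439 hold the boot code
PART_TABLE_OFF = 446    # four 16-byte partition entries start here
SIG_OFF = 510           # two-byte boot signature 0x55 0xAA


def parse_mbr(sector: bytes) -> dict:
    """Split a classic (non-GPT) MBR sector into the fields worth checking."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for slot in range(4):
        off = PART_TABLE_OFF + 16 * slot
        status, ptype = sector[off], sector[off + 4]
        lba_start, num_sectors = struct.unpack_from("<II", sector, off + 8)
        if ptype == 0x00:  # unused slot
            continue
        partitions.append({"slot": slot, "status": status, "type": ptype,
                           "lba_start": lba_start, "sectors": num_sectors})
    return {
        "signature_ok": sector[SIG_OFF:SIG_OFF + 2] == b"\x55\xaa",
        # Bytes 440..445 (disk signature) differ per disk, so they are
        # left out of the hash; only the executable boot code is compared.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "partitions": partitions,
    }


def check_mbr(sector: bytes, baseline_sha256: str) -> list:
    """Return a list of findings; an empty list means nothing stood out."""
    findings = []
    info = parse_mbr(sector)
    if not info["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    for part in info["partitions"]:
        if part["status"] not in (0x00, 0x80):
            findings.append(
                f"slot {part['slot']}: invalid status byte 0x{part['status']:02x}")
    active = [p for p in info["partitions"] if p["status"] == 0x80]
    if len(active) != 1:
        findings.append(f"{len(active)} active partitions, expected 1")
    return findings


def build_sample_sector(boot_code: bytes) -> bytes:
    """Constructed sector for the demo: one active type-0x07 partition at LBA 63.

    The boot code bytes passed in are placeholders, not a real boot loader.
    """
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    entry = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07,
                        b"\xfe\xff\xff", 63, 50331648)
    sector[PART_TABLE_OFF:PART_TABLE_OFF + 16] = entry
    sector[SIG_OFF:SIG_OFF + 2] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    clean = build_sample_sector(b"\xfa\x33\xc0" + b"\x90" * 64)
    baseline = parse_mbr(clean)["boot_code_sha256"]   # recorded while known-good
    modified = build_sample_sector(b"\xeb\x10" + b"\xcc" * 64)
    for name, sector in (("clean", clean), ("modified", modified)):
        print(name, check_mbr(sector, baseline) or "no findings")
```
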
As described at http://virus-protect.org/artikel/tools/mbr.html, I am posting the log file here... I am asking for help, I can't get rid of this thing....
Quote