Home » Spyware & Browser Hijacker Support Forum » Problem mit DSO-Exploit, was macht der » Themenansicht
Problem mit DSO-Exploit, was macht derThema ist geschlossen! |
||
|---|---|---|
Thema ist geschlossen! |
||
| #0
| ||
|
28.08.2004, 22:32
Ehrenmitglied
 Beiträge: 29434 |
||
 
|
|
|
|
29.08.2004, 00:40
...neu hier
Beiträge: 3 |
#317
hm ging mir nich nur darum..ich dacht du schaust mal das gesamte log durch....
aber egal thx ersma |
|
|
|
|
|
|
29.08.2004, 00:51
Ehrenmitglied
Beiträge: 29434 |
#318
@Torte86
Das hab ich natuerlich getan  alles ok. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 29.08.2004 um 00:51 Uhr von Sabina editiert.
|
|
|
|
|
|
|
29.08.2004, 03:34
...neu hier
Beiträge: 7 |
#319
ich würde mal bei http://www.nsclean.com den dsostop2 runterladen. der stoppt das übel bis ein windows-patch erhältlich ist.
zu adaware: eine detaillierte aufstellung zu den optimalen einstellungen bei adaware wäre wünschenswert. ich habe leider nur die englische. |
|
|
|
|
|
|
29.08.2004, 04:04
...neu hier
Beiträge: 3 |
#320
oki dann dank ich dir recht herzlich sabina
|
|
|
|
|
|
|
29.08.2004, 12:42
...neu hier
Beiträge: 7 |
#321
hallo hier die neuen daten
OWS\system32\addrt.exe infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Renamed. File C:\WINDOWS\afwbck.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\akjxkr.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\amjrml.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\arhhtp.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\avzjjm.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\by the way.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\ayozbw.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\bejnyz.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\bihypq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\bkeygd.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\bkntek.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\bsrozo.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\byazfr.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\cblvsy.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\ccadov.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\cehzih.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\clutks.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\cnxibn.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\cqdpqc.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\crgs32.exe infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\crgs32.exe.bak infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\cruh32.exe infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\cruh32.exe.bak infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\WINDOWS\crwb.exe infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\WINDOWS\cxtyjj.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\czjnqe.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\dcbjll.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\dfuodn.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\dfwxix.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\djluwq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\dmrcre.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\docnqy.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\dowegu.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\dpsvdo.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\dqrcck.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\dziddj.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\ebcypq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\edgyvq.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\elgihr.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\emheib.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\esgaba.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\espcmj.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\eyngnr.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\fdiyzq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\fiplue.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\fkazpq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\foyetx.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\fozuiw.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\frjmvb.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\fyssdh.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\gcbbrn.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\gjgdax.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\gkwyde.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\gohens.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\guzuoz.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\hcciii.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\hftyeu.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\hnvcpp.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\hrabiz.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\iajxxm.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\iesjtf.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\iewl.exe infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\ihgrmi.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\iisaeu.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\iydvdo.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\jjemph.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\jjyffy.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\jllwrb.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\jqpywi.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\jutlfa.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\jvyvtu.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\kcaurp.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\kgeirh.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\kmcrje.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\kplgom.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\krnhfj.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\kyirga.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\ldkcuz.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\lsgbuw.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\mcmxhu.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\mmfwon.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\mmpusp.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\mpuovl.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\mrvbyo.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\muyezp.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\mvzyhc.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\ndloim.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\ngwuub.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\nhiwes.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\nhmcqy.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\notepad.exe.bak infected by "Trojan.Win32.Dialer.by" Virus. Action Taken: File Deleted. File C:\WINDOWS\novyhg.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\nrhytt.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\ntmw32.exe infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\nufylu.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\nzkphj.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_bpdhwi.dat infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_fhboyq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_gfnzvw.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_gjsrls.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_gldlwq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_hvqkls.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_hwymtp.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_mhnzdf.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_ndloim.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_ngfuff.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_oarhnb.dat infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_oxmgff.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_qrzcdv.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_rguhsm.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_terjuu.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_upehaj.dat infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_wklesn.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_wzxbzv.dat infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\WINDOWS\n_yheuxu.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\oacyxr.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\obxwsh.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\ofrdxw.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\ogwkus.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\oiutww.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\opqsbu.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\opzodd.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\orpagd.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\osbsrz.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\ovsyqi.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\pasdqj.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\pfmiip.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\pjumob.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\pkhufo.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\plqina.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\ptpmpj.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\qdvurx.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\qhdweo.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\qifmko.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\qmqsfn.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\quixtj.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\qxdzvf.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\rffwtw.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\riajuc.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\roifah.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\rtyifu.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\rvsqau.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\sbwfxi.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\siobfv.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\skntyv.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\slkfhi.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\snkaac.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\terjuu.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\tkceai.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\tntyfc.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\tpzyqk.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\tqytgc.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\txcnhr.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\uaxggw.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\uncuwy.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\upbklg.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vbwmdj.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vhkfga.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vlqctd.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vohzii.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\vpfqud.dat infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\WINDOWS\vreuai.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vskucr.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vtjkxw.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vuzgkp.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\vvvbmp.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\vzhevj.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\wctmnj.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\wgjybv.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\wkraiq.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\wznjdf.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\ximlqt.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\xivzjp.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\xofhwy.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\xrhpzx.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\xulcbz.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\xxzshh.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\xzsvvp.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\yispco.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\yrpdrf.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\ysgnwg.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\zcrefw.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\zfdfso.dat infected by "TrojanDownloader.Win32.Agent.bc" Virus. Action Taken: File Deleted. File C:\WINDOWS\zgvxjd.dat infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\WINDOWS\ztowwv.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\zuslmd.dat infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Deleted. File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\system32\apiyn32.exe infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\TriacomUD.dll tagged as not-a-virus:RiskWare.Dialer.UDIS.a. No Action Taken. File C:\Dokumente und Einstellungen\Micha der große Held\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-7727d467-592d187c.zip infected by "Trojan.Java.StartPage.g" Virus. Action Taken: File Deleted. File C:\Dokumente und Einstellungen\Wolfgang\Anwendungsdaten\webcheck.exe infected by "TrojanDownloader.Win32.Small.gw" Virus. Action Taken: File Deleted. File C:\My Shared Folder\download10937139201487843.dat infected by "Worm.P2P.Apsiv" Virus. Action Taken: File Deleted. File C:\My Shared Folder\download10937139211488593.dat infected by "Worm.P2P.Apsiv" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\A0068447.DLL.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\A0068448.DLL.VIR infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\ADDFZ32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\ADDVN32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\APIRX32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\APIYW.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\APIZJ32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\APPYO32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\ATLCU32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\ATLLB32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\ATLOA.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\ATLUJ32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\CRCF.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\CRGE.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\CRKG32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\CRNB.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\D3OA.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\D3PO.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\D3TO32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\IEAA.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\IPOG.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\IPRJ32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\IPWA32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\IPYP32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVABO.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVAEI.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVALI.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVALN32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVAOK.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVAQI.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVAQY32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVAQZ32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVASS.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVASV32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVATM.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\JAVAWV.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MFCAN32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MFCBE32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MFCFW.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MFCLI.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MFCPF.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MFCQN.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MFCZK.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MSDC.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MSDY32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MSJX.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MSNY.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MSUA.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MSUR32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\MSVM32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\NETGD32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\NETLA32.DLL.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\NTCJ32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\NTFY32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\NTHU32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\NTYG32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\NTYV.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\RQTOY.DLL.VIR infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\SDKMX.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\SDKPQ.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\SDKQV32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\SDKZI32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.al" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\SILENT.EXE.VIR infected by "not-a-virus:AdvWare.WinFetcher.b" Virus. Action Taken: File Renamed. File C:\Programme\AVPersonal\INFECTED\SVFJX.DLL.VIR infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\SYSAT32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\SYSSE32.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WCUCY.DLL.VIR infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WINJV.EXE.VIR infected by "TrojanDownloader.Win32.Agent.bq" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.001 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.002 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.003 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.004 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.005 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.006 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.007 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.008 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.009 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.010 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.011 infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\WSMIW.DLL.VIR infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\XQEFI.DLL.VIR infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\AVPersonal\INFECTED\ZCIWS.DLL.VIR infected by "TrojanDownloader.Win32.WinShow.ak" Virus. Action Taken: File Deleted. File C:\Programme\eMCrypt\Incoming\COGA_0_-_L_-_Released_by_Real_Freak\Elite Plus\eliteplus.zip tagged as not-a-virus:LogoPicture.TheDraw. No Action Taken. File C:\Programme\eMCrypt\Incoming\COGA_0_-_L_-_Released_by_Real_Freak\Jimmy White's Whirlwind Snooker\jimsnook.zip tagged as not-a-virus:LogoPicture.TheDraw.Cold. No Action Taken. File C:\Programme\MyWay\myBar\2.bin\MY2NS.EXE infected by "not-a-virus:AdvWare.Toolbar.MyWay.b" Virus. Action Taken: File Renamed. File C:\Programme\MyWay\myBar\2.bin\NPMYWAY.DLL infected by "not-a-virus:AdvWare.Toolbar.MyWay.e" Virus. Action Taken: File Renamed. File C:\Programme\PestPatrol\Quarantine\20040706165950437.zip infected by "not-a-virus:AdvWare.ClearSearch.b" Virus. Action Taken: File Renamed. File C:\Programme\PestPatrol\Quarantine\20040712035607156.zip infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\Programme\PestPatrol\Quarantine\20040712040045406.zip infected by "TrojanDownloader.Win32.Agent.an" Virus. Action Taken: File Deleted. File C:\RECYCLER\NPROTECT\00000721.dll infected by "Worm.Win32.Randon.u" Virus. Action Taken: File Deleted. File C:\RECYCLER\NPROTECT\00000722.EXE tagged as not-a-virus:RiskWare.mIRC.6.01. No Action Taken. File C:\RECYCLER\NPROTECT\00000800.dll infected by "TrojanDownloader.Win32.Winshow.u" Virus. Action Taken: File Deleted. File C:\RECYCLER\NPROTECT\00000801.dll infected by "TrojanDownloader.Win32.Winshow.u" Virus. Action Taken: File Deleted. File C:\System Volume Information\_restore{E0793B55-9562-4345-A781-01A3AF39EEB3}\RP19\A0006426.exe infected by "TrojanDownloader.Win32.Agent.bi" Virus. Action Taken: File Deleted. File C:\WINDOWS\Downloaded Program Files\ruboskizo2.dll infected by "Trojan.Win32.Dialer.c" Virus. Action Taken: File Deleted. File C:\WINDOWS\system32\TriacomUD.dll tagged as not-a-virus:RiskWare.Dialer.UDIS.a. No Action Taken. File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Global DiVX Player 2.0.1.zip infected by "Worm.P2P.SdDrop.c" Virus. Action Taken: File Deleted. File C:\WINDOWS\system32\TriacomUD.dll tagged as not-a-virus:RiskWare.Dialer.UDIS.a. No Action Taken. File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. Logfile of HijackThis v1.97.7 Scan saved at 12:41:33, on 29.08.2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programme\AVPersonal\AVGUARD.EXE C:\Programme\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\System32\nvsvc32.exe C:\DOKUME~1\MICHAD~1\LOKALE~1\Temp\mwavscan.com C:\DOKUME~1\MICHAD~1\LOKALE~1\Temp\kavss.exe C:\WINDOWS\system32\wscntfy.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE C:\WINDOWS\system32\wuauclt.exe C:\Dokumente und Einstellungen\Micha der große Held\Desktop\computer neu\HijackThis.exe O2 - BHO: (no name) - {714795AE-B851-C38C-644A-A0910EFC29CE} - C:\WINDOWS\system32\apirf32.dll O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O17 - HKLM\System\CCS\Services\Tcpip\..\{B4551B45-4C31-4074-9956-6DEA916F5B17}: NameServer = 217.237.149.225 194.25.2.129 |
|
|
|
|
|
|
29.08.2004, 13:19
Ehrenmitglied
Beiträge: 29434 |
#322
@Hefekind
#FIXE O2 - BHO: (no name) - {714795AE-B851-C38C-644A-A0910EFC29CE} - C:\WINDOWS\system32\apirf32.dll O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k ___________________________________________________________________ Nun gibt es noch folgendes zu beachten: #Loesche manuell: C:\WINDOWS\system32\TriacomUD.dll (DIALER) C:\Programme\MyWay\myBar\2.bin\NPMYWAY.DLL C:\WINDOWS\system32\apirf32.dll 0)Deaktiviere die Wiederherstellung http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/gdocid/20030807105707924 1)Deinstalliere den Antivirus, lade ihn neu und aktiviere den Guard http://www.free-av.de/ 2)Aendere eventuell vorhandene nicht verschluesselte Passworte 3)Lade den Browser <Firefox< und surfe nur mit ihm http://www.firebird-browser.de/ 4)Ueberpruefe, welche Dienste du aus Sicherheitsgruenden deaktivieren kannst....notiere dir jede Veraenderung und lies alles dreimal durch, bevor du was veraenderst (!) Um die Diensteverwaltung explizit aufzurufen, geben Sie unter Start > Ausführen den Befehl services.msc ein. http://www.zdnet.de/z/itmanager/0,39023861,2103873-3,00.htm zurueck---weiter __________________________________________________________________- 5) Mache alle Portscann-Online-checks und poste das Resultat. http://scan.sygatetech.com/ #Ausserdem scanne noch mal mit dem frisch installierten Antivirus und der mwav.exe und poste wieder das Virenlog von beiden mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 29.08.2004 um 13:31 Uhr von Sabina editiert.
|
|
|
|
|
|
|
30.08.2004, 02:34
Member
Beiträge: 11 |
#323
Hallo, bin neu hier. Habe das hijack this auch mal bei mir drüber laufen lassen. Könnte einer mal nachsehen was bei mir faul ist. Danke schon mal.
Logfile of HijackThis v1.98.2 Scan saved at 02:24:15, on 30.08.2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe D:\Programme\Winamp\winampa.exe D:\Programme\AVPersonal\AVGNT.EXE C:\WINDOWS\System32\ctfmon.exe C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\printkey.exe C:\WINDOWS\system32\netdde.exe D:\Programme\AVPersonal\AVGUARD.EXE D:\Programme\AVPersonal\AVWUPSRV.EXE C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE D:\HijackThis\HijackThis.exe C:\WINDOWS\System32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - D:\PROGRA~1\LANGEN~1.0\Engine\mte\StdAlone\T1IE.dll O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file) O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [AVGCtrl] "D:\Programme\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\RunServices: [Microsoft Windows Updater] windates.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - Global Startup: printkey.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093750451715 O17 - HKLM\System\CCS\Services\Tcpip\..\{4FD0BC6C-50CC-4C40-9EE4-F71F8A964F08}: NameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{9B5C366E-BFD0-4414-9603-6F78277EA765}: NameServer = 217.237.150.33 194.25.2.129 |
|
|
|
|
|
|
30.08.2004, 13:02
Ehrenmitglied
Beiträge: 29434 |
#324
@Devil
Fixe (04-vorher im Taskmanager deaktivieren): ........................................................................ R3 - Default URLSearchHook is missing O4 - HKLM\..\RunServices: [Microsoft Windows Updater] windates.exe O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file) neustarten ueberpruefe mit Kaspersky(poste das Ergebnis) C:\WINDOWS\system32\netdde.exe http://www.kaspersky.com/remoteviruschk.html #Lade eScan (entpacke in C:\ base )...ein Ordner , den du vorher erstellst. http://www.mwti.net/antivirus/free_utilities.asp Nun suchst du eine "kavupd.exe" und anklicken. <Es oeffnet sich ein DOS-Fenster und es wird ein Update ausgeführt(dauert ein bisschen) ##Gehe in den abgesicherten Modus(wichtig !!!!!!!!!) http://www.bsi.de/av/texte/winsave.htm (F8 druecken, wenn der Computer hochfaehrt -----suche "mwav.exe und starte so den< eScan<. Alle Häkchen setzen und "Clean-Scan" klicken. __________________________________________________________________- #Deaktiviere die Wiederherstellung http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/gdocid/20030807105707924 #Mache die neusten WindowsUpdates(!) #(aendere alle wichtigen Passworte ) #Wiederhole den Scann mit mwav.exe im Normalmodus #Dann poste, was "deleted", "no action taken"und "renamed" war und die Info von Kaspersky und das neue Log. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 30.08.2004 um 13:16 Uhr von Sabina editiert.
|
|
|
|
|
|
|
30.08.2004, 16:09
...neu hier
Beiträge: 2 |
#325
Hallo Sabina,
wie ich lese bist Du super im Auswerten von Hijack Logs, ich habe leider seit heute auf meinem Firmenrechner ein schon beschriebenes Problem. Bin gerade in Japan und könnte dabei Hilfe gebrauchen. Adaware, Spybot, TrojanHunter und Spyware Doctor sind schon drübergelaufen und haben auch jede Menge gefunden, aber trotzdem kommtn nach jedem Neustart des IE wieder die about:blank Suchseite hoch und verschiedene Popups. Hier mal das Log, wäre echt nett, wenn mir geholfen werden könnte. Logfile of HijackThis v1.98.2 Scan saved at 15:55:14, on 30.08.2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: D:\W2K-SUP\System32\smss.exe D:\W2K-SUP\system32\csrss.exe D:\W2K-SUP\system32\winlogon.exe D:\W2K-SUP\system32\services.exe D:\W2K-SUP\system32\lsass.exe D:\W2K-SUP\System32\ibmpmsvc.exe D:\W2K-SUP\system32\svchost.exe D:\W2K-SUP\System32\svchost.exe D:\W2K-SUP\system32\spoolsv.exe D:\Program Files\Network Associates\VirusScan\Avsynmgr.exe D:\W2K-SUP\system32\hidserv.exe D:\Program Files\Omniquad MyPrivacy\MyPrivacy\mpsvc.exe D:\W2K-SUP\system32\regsvc.exe D:\W2K-SUP\system32\MSTask.exe D:\W2K-SUP\system32\stisvc.exe D:\W2K-SUP\System32\WBEM\WinMgmt.exe D:\W2K-SUP\System32\mspmspsv.exe D:\W2K-SUP\system32\svchost.exe D:\Program Files\Network Associates\VirusScan\VsStat.exe D:\Program Files\Network Associates\VirusScan\Vshwin32.exe D:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe D:\Program Files\Network Associates\VirusScan\Avconsol.exe D:\W2K-SUP\Explorer.EXE D:\W2K-SUP\System32\svchost.exe D:\W2K-SUP\system32\tp4serv.exe D:\W2K-SUP\system32\Promon.exe D:\W2K-SUP\system32\ltcm000c.exe D:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE D:\W2K-SUP\system32\RunDll32.exe D:\W2K-SUP\system32\PRPCUI.exe D:\W2K-SUP\ltmsg.exe D:\Program Files\Medion\PowerCinema\My_TV\Agent.exe D:\Program Files\Logitech\iTouch\iTouch.exe D:\W2K-SUP\Logi_MwX.Exe D:\Program Files\Omniquad MyPrivacy\MyPrivacy\MyPrivacyNT.exe D:\W2K-SUP\appew.exe D:\W2K-SUP\system32\gxpwhib.exe D:\W2K-SUP\system32\internat.exe D:\W2K-SUP\PKZIP.PIF:mvows D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE D:\Documents and Settings\draffehnm\Application Data\aerr.exe D:\W2K-SUP\system32\rexzjti.exe D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe D:\Program Files\Freecom SYNC\FCSYNC.exe D:\Program Files\Starfish\TrueSync\TSTool.exe D:\Program Files\Hardcopy\hardcopy.exe D:\Program Files\Internet Explorer\IEXPLORE.EXE D:\MarcusDraffehn-A2K\Marcus\Internet\Hijack this\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.kie.de.heidelberg.com:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.51.*;172.20.*;<local> R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx__BHODisabled (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll O2 - BHO: (no name) - {BD0FEE50-CDF6-FCB9-A3EC-F78B04597E63} - D:\W2K-SUP\ntmo32.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\W2K-SUP\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [Promon.exe] Promon.exe O4 - HKLM\..\Run: [XircWinModem4] ltcm000c.exe 9 O4 - HKLM\..\Run: [TPTRAY] D:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE O4 - HKLM\..\Run: [BMMGAG] RunDll32 D:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9 O4 - HKLM\..\Run: [Agent] D:\Program Files\Medion\PowerCinema\My_TV\Agent.exe O4 - HKLM\..\Run: [NeroFilterCheck] D:\W2K-SUP\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [zBrowser Launcher] D:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [MyPrivacy] "D:\Program Files\Omniquad MyPrivacy\MyPrivacy\MyPrivacyNT.exe" O4 - HKLM\..\Run: [appew.exe] D:\W2K-SUP\appew.exe O4 - HKLM\..\Run: [sakaqkhanyxd] D:\W2K-SUP\system32\gxpwhib.exe O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 4.0\THGuard.exe" O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [Trid] D:\Documents and Settings\draffehnm\Application Data\aerr.exe O4 - HKCU\..\Run: [Nrzfeyr] D:\W2K-SUP\system32\rexzjti.exe O4 - Startup: Hardcopy.LNK = D:\Program Files\Hardcopy\hardcopy.exe O4 - Global Startup: Acrobat Assistant.lnk = D:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Freecom SYNC.lnk = D:\Program Files\Freecom SYNC\FCSYNC.exe O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: TrueSync-Startprogramm.lnk = D:\Program Files\Starfish\TrueSync\TSTool.exe O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Verweisseiten - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\Program Files\Microsoft ActiveSync\INetRepl.dll O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: *.05p.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchmiracle.com O16 - DPF: JavaConnect - http://nip-sametime/sametime/javaconnect/JavaConnect.cab O16 - DPF: {CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_01) - http://cdfe-032/p1service/p1/ServiceJava/j2re-1_3_1_01a-win-i.exe O16 - DPF: {CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_07) - http://172.20.6.157/p1service/p1/ServiceJava/j2re-1_3_1_07-windows-i586-i.exe O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file) |
|
|
|
|
|
|
30.08.2004, 16:44
Ehrenmitglied
Beiträge: 29434 |
#326
@Bäuchlein
Der PC ist nicht mehr vertrauenswuerdig, Du solltest ueber eine Neuinstallation nachdenken oder mindestens den Systemadministrator benachrichtigen. FIXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://D:\W2K-SUP\qjdnv.dll/sp.html#28129 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx__BHODisabled (file missing) #Wenn Sie die Seite '10.51.*;172.20.*; ' nicht kennen, sollte der Eintrag entfernt werden. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.51.*;172.20.*;<local> R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {BD0FEE50-CDF6-FCB9-A3EC-F78B04597E63} - D:\W2K-SUP\ntmo32.dll VORHER IM TASKMANAGER DEAKTIVIEREN: O4 - HKLM\..\Run: [appew.exe] D:\W2K-SUP\appew.exe O4 - HKLM\..\Run: [sakaqkhanyxd] D:\W2K-SUP\system32\gxpwhib.exe O4 - HKCU\..\Run: [Trid] D:\Documents and Settings\draffehnm\Application Data\aerr.exe O4 - HKCU\..\Run: [Nrzfeyr] D:\W2K-SUP\system32\rexzjti.exe O15 - Trusted Zone: *.05p.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchmiracle.com Prüfen ob Sie diese Seite kennen und ggf. fixen O16 - DPF: JavaConnect - http://nip-sametime/sametime/javaconnect/JavaConnect.cab NEUSTARTEN __________________________________________________________________ #Loesche unter <Internetoptionen< die TemporaryInternetfiles #ueberpruefe mit Kaspersky(das sind Trojaner !) http://www.kaspersky.com/remoteviruschk.html D:\W2K-SUP\appew.exe D:\W2K-SUP\system32\gxpwhib.exe D:\Program Files\Freecom SYNC\FCSYNC.exe (?) D:\W2K-SUP\system32\rexzjti.exe D:\Documents and Settings\draffehnm\Application Data\aerr.exe #Lade eScan (entpacke in C:\ base )...ein Ordner , den du vorher erstellst. http://www.mwti.net/antivirus/free_utilities.asp Nun suchst du eine "kavupd.exe" und anklicken. <Es oeffnet sich ein DOS-Fenster und es wird ein Update ausgeführt(dauert ein bisschen) ##Gehe in den abgesicherten Modus(wichtig !!!!!!!!!) http://www.bsi.de/av/texte/winsave.htm (F8 druecken, wenn der Computer hochfaehrt) -----suche "mwav.exe und starte so den< eScan<. Alle Häkchen setzen und "Clean-Scan" klicken. _________________________________________________________________ #Deaktiviere die Wiederherstellung http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/gdocid/20030807105707924 #AdAware (free)...updaten und dann <alle Dateien< scannen http://www.lavasoft.de/support/download/ #Mache die neusten WindowsUpdates(!) #(aendere alle wichtigen Passworte ) #Wiederhole den Scann mit mwav.exe im Normalmodus #Dann poste, was "deleted", "no action taken"und "renamed" war und die Info von Kaspersky und das neue Log. Gruss nach Japan aus Lissabon. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 30.08.2004 um 17:10 Uhr von Sabina editiert.
|
|
|
|
|
|
|
30.08.2004, 19:17
...neu hier
Beiträge: 2 |
#327
Danke für die Hilfe, aber ab hier wird's für mich etwas undurchsichtig:
#ueberpruefe mit Kaspersky(das sind Trojaner !) http://www.kaspersky.com/remoteviruschk.html D:\W2K-SUP\appew.exe - ist auf einmal nicht mehr auf der Partition D:\W2K-SUP\system32\gxpwhib.exe - kein trojaner D:\Program Files\Freecom SYNC\FCSYNC.exe (?) - ist gewollt D:\W2K-SUP\system32\rexzjti.exe - ist ein Trojaner D:\Documents and Settings\draffehnm\Application Data\aerr.exe - kein trojaner und hier verstehe ich's leider nicht mehr, woher die eScan? #Lade eScan (entpacke in C:\ base )...ein Ordner , den du vorher erstellst. http://www.mwti.net/antivirus/free_utilities.asp Nun suchst du eine "kavupd.exe" und anklicken. <Es oeffnet sich ein DOS-Fenster und es wird ein Update ausgeführt(dauert ein bisschen) ##Gehe in den abgesicherten Modus(wichtig !!!!!!!!!) http://www.bsi.de/av/texte/winsave.htm (F8 druecken, wenn der Computer hochfaehrt) -----suche "mwav.exe und starte so den< eScan<. Alle Häkchen setzen und "Clean-Scan" klicken. _________________________________________________________________ #Deaktiviere die Wiederherstellung http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/gdocid/20030807105707924 #AdAware (free)...updaten und dann <alle Dateien< scannen http://www.lavasoft.de/support/download/ #Mache die neusten WindowsUpdates(!) #(aendere alle wichtigen Passworte ) #Wiederhole den Scann mit mwav.exe im Normalmodus #Dann poste, was "deleted", "no action taken"und "renamed" war und die Info von Kaspersky und das neue Log. Ist schon 2Uhr Nachts hier in Japan, ich muß mich jetzt mal auf's Ohr hau'n. Ich schau Morgen wieder rein, bis dann und schönen Abend noch nach Portugal. Bäuchlein |
|
|
|
|
|
|
30.08.2004, 19:19
...neu hier
Beiträge: 7 |
#328
hallo hier die neuen logs :
File C:\WINDOWS\system32\netdn.exe infected by "TrojanDownloader.Win32.Agent.ap" Virus. Action Taken: File Renamed. File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\Dokumente und Einstellungen\Micha der große Held\Lokale Einstellungen\Temp\IJ4.ace infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. File C:\popcrash.chm infected by "Trojan.Win32.Dialer.by" Virus. Action Taken: File Deleted. File C:\Programme\eMCrypt\Incoming\COGA_0_-_L_-_Released_by_Real_Freak\Elite Plus\eliteplus.zip tagged as not-a-virus:LogoPicture.TheDraw. No Action Taken. File C:\Programme\eMCrypt\Incoming\COGA_0_-_L_-_Released_by_Real_Freak\Jimmy White's Whirlwind Snooker\jimsnook.zip tagged as not-a-virus:LogoPicture.TheDraw.Cold. No Action Taken. File C:\Programme\emule2\Incoming\DSL - emule BeFaster.rar infected by "not-a-virus:AdvWare.NavExcel" Virus. Action Taken: File Deleted. File C:\Programme\emule2\Incoming\DSL BeFaster\befaster.exe infected by "not-a-virus:AdvWare.NavExcel" Virus. Action Taken: File Renamed. File C:\Programme\emule2\Incoming\emule DSL Speed Tool und beste Saug einstellungen ( saugen bis der Arzt kommt !!!).rar infected by "not-a-virus:AdvWare.NavExcel" Virus. Action Taken: File Deleted. File C:\RECYCLER\NPROTECT\00000722.EXE tagged as not-a-virus:RiskWare.mIRC.6.01. No Action Taken. File C:\sext.chm infected by "Trojan.Win32.Dialer.by" Virus. Action Taken: File Deleted. File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. Logfile of HijackThis v1.97.7 Scan saved at 19:18:39, on 30.08.2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\kernel.exe C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Programme\AVPersonal\AVWUPSRV.EXE C:\Programme\AVPersonal\AVGUARD.EXE C:\Programme\AVPersonal\AVGNT.EXE C:\DOKUME~1\MICHAD~1\LOKALE~1\Temp\mwavscan.com C:\DOKUME~1\MICHAD~1\LOKALE~1\Temp\kavss.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\Micha der große Held\Desktop\computer neu\HijackThis.exe O2 - BHO: (no name) - {646D843D-7CDF-78F8-2D9D-391E871C2089} - C:\WINDOWS\ipmr.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\RunOnce: [ipvr.exe] C:\WINDOWS\system32\ipvr.exe O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot O17 - HKLM\System\CCS\Services\Tcpip\..\{B4551B45-4C31-4074-9956-6DEA916F5B17}: NameServer = 217.237.149.225 194.25.2.129 |
|
|
|
|
|
|
30.08.2004, 19:48
Ehrenmitglied
Beiträge: 29434 |
#329
@Bäuchlein
Auch wenn du die Trojaner nicht auf der Festplatte findest, sind sie dennoch da. den <eScan<(ein Antiviren-Tool) laedst du von dem geposteten Link #(entpacke in C:\ base )...ein Ordner , den du vorher erstellst. http://www.mwti.net/antivirus/free_utilities.asp und fuehrst alle weitern Schritte, die ich gepostet habe aus. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 30.08.2004 um 19:48 Uhr von Sabina editiert.
|
|
|
|
|
|
|
30.08.2004, 19:54
Ehrenmitglied
Beiträge: 29434 |
#330
@Hefekind
Ich kann nicht glauben, dass du den <eScan< geupdatet hast und auch nicht, dass du im abgesicherten Modus gescannst hast...... #Deaktiviere die Wiederherstellung FIXE O2 - BHO: (no name) - {646D843D-7CDF-78F8-2D9D-391E871C2089} - C:\WINDOWS\ipmr.dll O4 - HKLM\..\RunOnce: [ipvr.exe] C:\WINDOWS\system32\ipvr.exe starte neu und gehe in den abgesicherten Modus (!) #suche und loesche: C:\WINDOWS\system32\netdn.exe C:\WINDOWS\system32\ipvr.exe Start<Ausfuehren<%temp% reinkopieren oder reinschreiben Suche und loesche:Temp\IJ4.ace SCANNE NOCH MAL MIT MWAV.EXE im abgesicherten Modus (AKTUALISIERE DEN SCANNER VORHER MIT DER "kavupd.exe" #dann poste das Log und die Vireninfos von mwav.exe noch mal. mfg Sabina __________ MfG Sabina rund um die PC-Sicherheit Dieser Beitrag wurde am 30.08.2004 um 19:57 Uhr von Sabina editiert.
|
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
Gib mal <Dso Exploit< in die Suchmaschine von zB. www.google.de ein...ist ein Bug von Spybot.....
Da findest du bestimmt einen Antwort.
(auch in diesem Forum)
mfg
Sabina
__________
MfG Sabina
rund um die PC-Sicherheit