Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
bitte hilfe: HjT Logfile

bitte hilfe: HjT Logfile


Log-Analyse und Auswertung: bitte hilfe: HjT Logfile

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Seite 1 von 2 1 2
Alt 25.03.2005, 19:34   #1
Workman
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


guten abend
habe ein massives Problem mit meinem Rechner:
iExplorer startet nur mit gejackter Seite, Explorer gar nicht mehr, Systemsteuerung ebenfalls nicht, Rechner ist ewige langsam....

hier das logfile

Logfile of HijackThis v1.99.1
Scan saved at 19:30:24, on 25/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\ati2evxx.exe
C:\Programme\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\system32\netfp32.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
C:\programme\quicktime\qttask.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\appsx32.exe
C:\Program Files\Windows ControlAd\WinCtlAd.exe
C:\Program Files\Windows ControlAd\WinCtlAdAlt.exe
C:\Programme\Microsoft Office\Office\1031\OLFSNT40.EXE
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\PROGRA~1\WinZip\winzip32.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\rsrqk.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\rsrqk.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\rsrqk.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\rsrqk.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\rsrqk.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\rsrqk.dll/sp.html#28129
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\rsrqk.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.254:3128
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {F8C5C8E9-52C1-06A7-3A16-9AAC146F3F6D} - C:\WINDOWS\system32\netry.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\programme\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [appsx32.exe] C:\WINDOWS\appsx32.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Programme\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe
O4 - HKLM\..\Run: [XpDis0Conf] C:\PROGRA~1\Belkin\BELKIN~1\Tool\WinXPDisableZeroConfigation.exe VEN_14E4&DEV_4320&SUBSYS_70111799 /d
O4 - Global Startup: Symantec Fax Starter Edition-Anschluss.lnk = C:\Programme\Microsoft Office\Office\1031\OLFSNT40.EXE
O4 - Global Startup: GStartup.lnk = C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Accessengl\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Bild in &Microsoft PhotoDraw öffnen - res://C:\PROGRA~1\MICROS~2\Office\1031\phdintl.dll/phdContext.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Web Rebates - file://C:\Programme\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O8 - Extra context menu item: Ähnliche Seiten - res://c:\windows\downloaded program files\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: BINGOOO - {D102A37C-154F-4B0A-9373-5898EDD9F2C4} - D:\Dinfo\Bingooo\BINGOOO.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.Sony-europe.com
O15 - Trusted Zone: *.Sonystyle-europe.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.124.130 (HKLM)
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTS...=1048787493851
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...37c6314a45eb37
O16 - DPF: {3A6514CD-A457-11D4-8AF3-000102686B79} - http://www.bugnosis.org/downloads/webbug.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1102696622677
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\ati2evxx.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MpService - Canon Inc - C:\Programme\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: OracleOraDb10g_home1TNSListener - Unknown owner - D:\oracle\product\10.1.0\Db_1\BIN\TNSLSNR.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Network Security Service (NSS) ( 6QÔõ'ª´ÆÐ8) - Unknown owner - C:\WINDOWS\system32\netfp32.exe

Besten Dank, fröliche Ostern ... Workman

Alt 25.03.2005, 19:43   #2
dartus
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Hallo Workman

führe bitte dies mal aus:
1. Downloade Dir escan und befolge genau diese Anleitung (Scan im ABGESICHERTEN MODUS dauert etwa eine Stunde),
http://www.systemwiederherstellung-d...indows-xp.html
2. starte nach dem Scan wieder in den normalen Modus dauert,
3. öffne die Datei "mwav.log", klicke auf "bearbeiten" danach auf "suchen"
4. gebe dann "infected" ein,
5. suche weiter bei Treffern, markiere diese und kopiere sie ins Forum,
6. neben den Treffern auch das Gesamtergebnis (befindet sich ganz unter im Logfile) posten.

Beispiel:
Wed Feb 02 19:48:56 2005 => Total Files Scanned:
Wed Feb 02 19:48:56 2005 => Total Virus(es) Found:
.
.
.
.


dartus
__________________
Alt 26.03.2005, 16:03   #3
Workman
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Zitat:
Zitat von dartus
Hallo Workman

führe bitte dies mal aus:
1. Downloade Dir escan und befolge genau diese Anleitung (Scan im ABGESICHERTEN MODUS dauert etwa eine Stunde),
http://www.systemwiederherstellung-d...indows-xp.html
2. starte nach dem Scan wieder in den normalen Modus dauert,
3. öffne die Datei "mwav.log", klicke auf "bearbeiten" danach auf "suchen"
4. gebe dann "infected" ein,
5. suche weiter bei Treffern, markiere diese und kopiere sie ins Forum,
6. neben den Treffern auch das Gesamtergebnis (befindet sich ganz unter im Logfile) posten.

Beispiel:
Wed Feb 02 19:48:56 2005 => Total Files Scanned:
Wed Feb 02 19:48:56 2005 => Total Virus(es) Found:
.
.
.
.


dartus




hier also die Ergebnisse:


Sat Mar 26 09:40:03 2005 => ***** Scanning Registry Files *****

Sat Mar 26 09:40:04 2005 => Scanning File C:\WINDOWS\system32\netry.dll
Sat Mar 26 09:40:04 2005 => File C:\WINDOWS\system32\netry.dll infected by "Trojan-Downloader.Win32.Agent.jb" Virus. Action Taken: File Deleted.

Sat Mar 26 09:40:04 2005 => *** Reg Key Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{F8C5C8E9-52C1-06A7-3A16-9AAC146F3F6D} deleted because ImagePath file infected by a Virus


Sat Mar 26 09:40:10 2005 => ERROR!!! Invalid Entry System32\DRIVERS\ElbyVCD.sys in SYSTEM\CurrentControlSet\Services\ElbyVCD...
Sat Mar 26 09:40:16 2005 => ERROR!!! Invalid Entry D:\oracle\product\10.1.0\Db_1\BIN\TNSLSNR in SYSTEM\CurrentControlSet\Services\OracleOraDb10g_home1TNSListener...
Sat Mar 26 09:40:25 2005 => Total Files Scanned: 439
Sat Mar 26 09:40:25 2005 => Total Virus(es) Found: 1
Sat Mar 26 09:40:25 2005 => Total Disinfected Files: 0
Sat Mar 26 09:40:25 2005 => Total Files Renamed: 0
Sat Mar 26 09:40:25 2005 => Total Deleted Files: 1
Sat Mar 26 09:40:25 2005 => Total Errors: 5
Sat Mar 26 09:40:25 2005 => Time Elapsed: 00:00:38
Sat Mar 26 09:40:25 2005 => Virus Database Date: 2005/03/25
Sat Mar 26 09:40:25 2005 => Virus Database Count: 118154

Sat Mar 26 09:40:25 2005 => Scan Completed.

Sat Mar 26 09:40:26 2005 => AV Library Unloaded (3)...


Explorer, suche etc. geht jetzt wieder, wie gehts weiter?

Gruß Workman
__________________
Alt 26.03.2005, 16:17   #4
Haui45
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Zitat:
[...]wie gehts weiter?
-> eScan nochmals ausführen, aber diesmal richtig!

Nur um's deutlich zu machen:
1.) eScan muss im Verzeichnis c:\bases laufen und vor dem Scan aktualisiert werden! (hast du evtl. gemacht)

2.) eScan muss im abgesicherten Modus ausgeführt werden! (hast du evtl. gemacht)

3.) Die Haken müssen so gesetzt sein, wie es auf der Grafik dargestellt ist:

(hast du nicht gemacht)

Alt 27.03.2005, 13:43   #5
Workman
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Sorry, aber mein escan schaut bisschen anders aus...:

habe folgende Version: eScan version 'h' build 2.6.518

weitere tips?

Gruß Workman



Zitat:
Zitat von Haui45
-> eScan nochmals ausführen, aber diesmal richtig!

Nur um's deutlich zu machen:
1.) eScan muss im Verzeichnis c:\bases laufen und vor dem Scan aktualisiert werden! (hast du evtl. gemacht)

2.) eScan muss im abgesicherten Modus ausgeführt werden! (hast du evtl. gemacht)

3.) Die Haken müssen so gesetzt sein, wie es auf der Grafik dargestellt ist:

(hast du nicht gemacht)


Alt 27.03.2005, 15:00   #6
Haui45
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Zitat:
Sorry, aber mein escan schaut bisschen anders aus...:
Definiere das bitte ein bisschen genauer. Mach mal einen Screenshot und häng ihn an deine Antwort.

Alt 28.03.2005, 12:31   #7
Workman
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


sieht so aus:
Miniaturansicht angehängter Grafiken
bitte hilfe: HjT Logfile-e_scan.jpg  

Alt 28.03.2005, 12:41   #8
Cidre
Administrator, a.D.
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Dann hast du diese Version installiert.
Hast du die Trial- oder Vollversion?

Wenn du den Button 'Virus Log Information' anklickst, dann müsstest Du doch die gefunden Malware sehen und posten können.
__________________
Gruß, Cidre


Alt 28.03.2005, 18:58   #9
cookie_ms
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Zitat:
Zitat von Haui45
-> eScan nochmals ausführen, aber diesmal richtig!

Nur um's deutlich zu machen:
1.) eScan muss im Verzeichnis c:\bases laufen und vor dem Scan aktualisiert werden!
Meinst du mit bases einfach direkt in "C"? Warum muss der denn direkt dort gestartet werden oder meinst du es muss einfach in der Software das Laufwerk c zum scannen ausgewählt werden?

Sorry, ich glaube die Frage hört sich dumm an, aber bin mir nicht sicher wie du das meinst.

Gruß cookie

Alt 28.03.2005, 19:02   #10
Haui45
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Zitat:
Meinst du mit bases einfach direkt in "C"?
Ja, direkt in der Systempartition. Wenn Windows auf d: installiert ist, dann eben nach d:\bases

Zitat:
Warum muss der denn direkt dort gestartet werden
Weil man nur so updaten kann.

Zitat:
oder meinst du es muss einfach in der Software das Laufwerk c zum scannen ausgewählt werden?
Nein, es müssen alle Laufwerke ausgewählt werden.

Alt 28.03.2005, 19:59   #11
cookie_ms
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Danke für die Erklärung.

cookie

Alt 31.03.2005, 23:16   #12
Workman
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


also hier das logfile.... (Teil I)

Sa Mrz 26 09:39:44 2005 => ******************************************************************
Sa Mrz 26 09:39:44 2005 => eScan for Windows.
Sa Mrz 26 09:39:44 2005 => Copyright © 2004-2005, MicroWorld Technologies Inc.
Sa Mrz 26 09:39:44 2005 => Support: support@mwti.net
Sa Mrz 26 09:39:44 2005 => Web: http://www.mwti.net
Sa Mrz 26 09:39:44 2005 => ******************************************************************
Sa Mrz 26 09:39:44 2005 => Version 1.26
Sa Mrz 26 09:39:44 2005 => LogFile: D:\e_Scan\Log\26030000.log
Sa Mrz 26 09:39:44 2005 =>
Sa Mrz 26 09:39:44 2005 => Heuristics: On
Sa Mrz 26 09:39:44 2005 => Packed files: On
Sa Mrz 26 09:39:44 2005 => System areas: On
Sa Mrz 26 09:39:44 2005 => Archived files: On
Sa Mrz 26 09:39:44 2005 => Calculate Analysis: On
Sa Mrz 26 09:39:44 2005 => Action specified in case of an infection: Automatic
Sa Mrz 26 09:39:44 2005 =>
Sa Mrz 26 09:40:27 2005 => ***** Checking system areas *****
Sa Mrz 26 09:41:24 2005 =>
Sa Mrz 26 09:41:24 2005 => ***** Checking selected directories and files *****
Sa Mrz 26 09:41:53 2005 => Scanning File C:\WINDOWS\fofcll.dat
Sa Mrz 26 09:41:54 2005 => File Infected with "Trojan-Downloader.Win32.Agent.jb". Action Taken: File deleted!
Sa Mrz 26 09:41:55 2005 => Scanning File C:\WINDOWS\addub.dll
Sa Mrz 26 09:41:55 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:41:55 2005 => Scanning File C:\WINDOWS\cgtolg.dat
Sa Mrz 26 09:41:56 2005 => File Infected with "Trojan-Downloader.Win32.Agent.jb". Action Taken: File deleted!
Sa Mrz 26 09:41:56 2005 => Scanning File C:\WINDOWS\yvml.exe
Sa Mrz 26 09:41:56 2005 => File Infected with "Trojan-Downloader.Win32.Agent.bc". Action Taken: File deleted!
Sa Mrz 26 09:41:56 2005 => Scanning File C:\WINDOWS\qqsmpo.log
Sa Mrz 26 09:41:57 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:41:57 2005 => Scanning File C:\WINDOWS\sysko32.dll
Sa Mrz 26 09:41:57 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:41:58 2005 => Scanning File C:\WINDOWS\hwxmog.txt
Sa Mrz 26 09:41:58 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:41:58 2005 => Scanning File C:\WINDOWS\sybwkb.txt
Sa Mrz 26 09:41:58 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:41:58 2005 => Scanning File C:\WINDOWS\yusszv.dat
Sa Mrz 26 09:41:58 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:41:58 2005 => Scanning File C:\WINDOWS\sdkfv.dll
Sa Mrz 26 09:41:58 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:41:58 2005 => Scanning File C:\WINDOWS\mfcte.exe
Sa Mrz 26 09:41:59 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 09:41:59 2005 => Scanning File C:\WINDOWS\wjyabx.log
Sa Mrz 26 09:41:59 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:41:59 2005 => Scanning File C:\WINDOWS\hkjlxs.dat
Sa Mrz 26 09:41:59 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:41:59 2005 => Scanning File C:\WINDOWS\addpq32.dll
Sa Mrz 26 09:42:00 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:00 2005 => Scanning File C:\WINDOWS\nethm.exe
Sa Mrz 26 09:42:00 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 09:42:00 2005 => Scanning File C:\WINDOWS\hwgeom.dat
Sa Mrz 26 09:42:00 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:00 2005 => Scanning File C:\WINDOWS\sxqjjo.dat
Sa Mrz 26 09:42:01 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:01 2005 => Scanning File C:\WINDOWS\ippr.dll
Sa Mrz 26 09:42:01 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:01 2005 => Scanning File C:\WINDOWS\appcl.exe
Sa Mrz 26 09:42:02 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 09:42:02 2005 => Scanning File C:\WINDOWS\riauwo.log
Sa Mrz 26 09:42:02 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:02 2005 => Scanning File C:\WINDOWS\kjliyy.log
Sa Mrz 26 09:42:03 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:03 2005 => Scanning File C:\WINDOWS\netij32.dll
Sa Mrz 26 09:42:03 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:03 2005 => Scanning File C:\WINDOWS\kygmqi.dat
Sa Mrz 26 09:42:04 2005 => File Infected with "Trojan-Downloader.Win32.Agent.jb". Action Taken: File deleted!
Sa Mrz 26 09:42:04 2005 => Scanning File C:\WINDOWS\crkq.dll
Sa Mrz 26 09:42:04 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:07 2005 => Scanning File C:\WINDOWS\bsvxlb.log
Sa Mrz 26 09:42:07 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:10 2005 => Scanning File C:\WINDOWS\ooetmw.log
Sa Mrz 26 09:42:10 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:10 2005 => Scanning File C:\WINDOWS\bjjxgij.exe
Sa Mrz 26 09:42:10 2005 => File Infected with "Trojan-Downloader.Win32.Agent.bc". Action Taken: File deleted!
Sa Mrz 26 09:42:16 2005 => Scanning File C:\WINDOWS\appug32.exe
Sa Mrz 26 09:42:16 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:16 2005 => Scanning File C:\WINDOWS\qgeuoy.dat
Sa Mrz 26 09:42:17 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:17 2005 => Scanning File C:\WINDOWS\hpogoy.dat
Sa Mrz 26 09:42:17 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:17 2005 => Scanning File C:\WINDOWS\houtav.txt
Sa Mrz 26 09:42:17 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:20 2005 => Scanning File C:\WINDOWS\iehp.dll
Sa Mrz 26 09:42:20 2005 => File Infected with "Trojan-Downloader.Win32.Agent.an". Action Taken: File deleted!
Sa Mrz 26 09:42:21 2005 => Scanning File C:\WINDOWS\dsghxl.txt
Sa Mrz 26 09:42:21 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:21 2005 => Scanning File C:\WINDOWS\oukrty.log
Sa Mrz 26 09:42:21 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:21 2005 => Scanning File C:\WINDOWS\qbnas.dll
Sa Mrz 26 09:42:22 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:22 2005 => Scanning File C:\WINDOWS\cpmdqo.dat
Sa Mrz 26 09:42:22 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:22 2005 => Scanning File C:\WINDOWS\sdklm.exe
Sa Mrz 26 09:42:22 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:23 2005 => Scanning File C:\WINDOWS\tvpbr.dll
Sa Mrz 26 09:42:23 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:23 2005 => Scanning File C:\WINDOWS\KB887822.log
Sa Mrz 26 09:42:23 2005 => Scanning File C:\WINDOWS\n_gmyixd.txt
Sa Mrz 26 09:42:23 2005 => File Infected with "Trojan-Downloader.Win32.Agent.bc". Action Taken: File deleted!
Sa Mrz 26 09:42:24 2005 => Scanning File C:\WINDOWS\fdupjk.dat
Sa Mrz 26 09:42:24 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:24 2005 => Scanning File C:\WINDOWS\amyxq.dll
Sa Mrz 26 09:42:24 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:24 2005 => Scanning File C:\WINDOWS\ihwaii.dat
Sa Mrz 26 09:42:25 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:25 2005 => Scanning File C:\WINDOWS\tatalr.txt
Sa Mrz 26 09:42:25 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:25 2005 => Scanning File C:\WINDOWS\ladgfb.txt
Sa Mrz 26 09:42:25 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:25 2005 => Scanning File C:\WINDOWS\kxduuw.dat
Sa Mrz 26 09:42:25 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:26 2005 => Scanning File C:\WINDOWS\qdbea.dll
Sa Mrz 26 09:42:26 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:26 2005 => Scanning File C:\WINDOWS\winvi.dll
Sa Mrz 26 09:42:26 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:26 2005 => Scanning File C:\WINDOWS\mfcrx.exe
Sa Mrz 26 09:42:27 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 09:42:27 2005 => Scanning File C:\WINDOWS\vayikj.txt
Sa Mrz 26 09:42:27 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:27 2005 => Scanning File C:\WINDOWS\agjwjb.log
Sa Mrz 26 09:42:27 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:27 2005 => Scanning File C:\WINDOWS\dhuhgw.dat
Sa Mrz 26 09:42:28 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:28 2005 => Scanning File C:\WINDOWS\gbbahw.log
Sa Mrz 26 09:42:29 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:30 2005 => Scanning File C:\WINDOWS\msdt.exe
Sa Mrz 26 09:42:30 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 09:42:31 2005 => Scanning File C:\WINDOWS\crcr.dll
Sa Mrz 26 09:42:31 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:31 2005 => Scanning File C:\WINDOWS\qwwtrn.dat
Sa Mrz 26 09:42:31 2005 => File Infected with "Trojan.Win32.Agent.bi". Action Taken: File deleted!
Sa Mrz 26 09:42:31 2005 => Scanning File C:\WINDOWS\ovqndo.dat
Sa Mrz 26 09:42:31 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:31 2005 => Scanning File C:\WINDOWS\zwtgzb.txt
Sa Mrz 26 09:42:32 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:32 2005 => Scanning File C:\WINDOWS\jphyty.dat
Sa Mrz 26 09:42:33 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:33 2005 => Scanning File C:\WINDOWS\sdkrg.dll
Sa Mrz 26 09:42:33 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:33 2005 => Scanning File C:\WINDOWS\javahb32.dll
Sa Mrz 26 09:42:33 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:33 2005 => Scanning File C:\WINDOWS\dhpqfv.dat
Sa Mrz 26 09:42:34 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:34 2005 => Scanning File C:\WINDOWS\drecgn.dat
Sa Mrz 26 09:42:34 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:36 2005 => Scanning File C:\WINDOWS\crhh.dll
Sa Mrz 26 09:42:36 2005 => File Infected with "Trojan.Win32.Agent.bi". Action Taken: File deleted!
Sa Mrz 26 09:42:36 2005 => Scanning File C:\WINDOWS\INST_TSP.LOG
Sa Mrz 26 09:42:36 2005 => Scanning File C:\WINDOWS\eujbac.dat
Sa Mrz 26 09:42:37 2005 => File Infected with "Trojan-Downloader.Win32.Agent.jb". Action Taken: File deleted!
Sa Mrz 26 09:42:37 2005 => Scanning File C:\WINDOWS\zimuzp.dat
Sa Mrz 26 09:42:37 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:37 2005 => Scanning File C:\WINDOWS\egiwga.txt
Sa Mrz 26 09:42:37 2005 => File Infected with "Trojan.Win32.Agent.bi". Action Taken: File deleted!
Sa Mrz 26 09:42:37 2005 => Scanning File C:\WINDOWS\whscjl.txt
Sa Mrz 26 09:42:38 2005 => File Infected with "Trojan-Downloader.Win32.Agent.ap". Action Taken: File deleted!
Sa Mrz 26 09:42:40 2005 => Scanning File C:\WINDOWS\system32\javavi.dll
Sa Mrz 26 09:42:40 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:42 2005 => Scanning File C:\WINDOWS\system32\apivm32.dll
Sa Mrz 26 09:42:42 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:42 2005 => Scanning File C:\WINDOWS\system32\sysza32.dll
Sa Mrz 26 09:42:43 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:43 2005 => Scanning File C:\WINDOWS\system32\pljry.dll
Sa Mrz 26 09:42:43 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:43 2005 => Scanning File C:\WINDOWS\system32\ntou32.dll
Sa Mrz 26 09:42:44 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:44 2005 => Scanning File C:\WINDOWS\system32\atlto.exe
Sa Mrz 26 09:42:45 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:47 2005 => Scanning File C:\WINDOWS\system32\javang.dll
Sa Mrz 26 09:42:47 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:47 2005 => Scanning File C:\WINDOWS\system32\mfcly32.exe
Sa Mrz 26 09:42:48 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:48 2005 => Scanning File C:\WINDOWS\system32\jmpue.dll
Sa Mrz 26 09:42:48 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:48 2005 => Scanning File C:\WINDOWS\system32\eohky.dll
Sa Mrz 26 09:42:48 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:42:48 2005 => Scanning File C:\WINDOWS\system32\sysai.dll
Sa Mrz 26 09:42:48 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:49 2005 => Scanning File C:\WINDOWS\system32\javazp32.dll
Sa Mrz 26 09:42:49 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:50 2005 => Scanning File C:\WINDOWS\system32\mfcnr.exe
Sa Mrz 26 09:42:50 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 09:42:52 2005 => Scanning File C:\WINDOWS\system32\d3px32.dll
Sa Mrz 26 09:42:52 2005 => File Infected with "Trojan-Downloader.Win32.Agent.bc". Action Taken: File deleted!
Sa Mrz 26 09:42:58 2005 => Scanning File C:\WINDOWS\system32\appyr32.dll
Sa Mrz 26 09:42:58 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:42:58 2005 => Scanning File C:\WINDOWS\system32\apihl.exe
Sa Mrz 26 09:42:58 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 09:43:04 2005 => Scanning File C:\WINDOWS\system32\netfp32.exe
Sa Mrz 26 09:43:04 2005 => File Infected with "Trojan.Win32.Agent.bi". Action Taken: File deleted!
Sa Mrz 26 09:43:05 2005 => Scanning File C:\WINDOWS\system32\d3bb32.dll
Sa Mrz 26 09:43:05 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:43:16 2005 => Scanning File C:\WINDOWS\system32\ieuj.dll
Sa Mrz 26 09:43:16 2005 => File Infected with "Trojan.Win32.Agent.bi". Action Taken: File deleted!
Sa Mrz 26 09:45:19 2005 => Scanning File C:\WINDOWS\system32\llugy.dll
Sa Mrz 26 09:45:19 2005 => File Infected with "Trojan-Downloader.Win32.WinShow.ak". Action Taken: File deleted!
Sa Mrz 26 09:46:31 2005 => Scanning File C:\WINDOWS\system32\iprf.dll
Sa Mrz 26 09:46:31 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 09:53:58 2005 => Scanning File C:\WINDOWS\Downloaded Program Files\open.exe
Sa Mrz 26 09:53:58 2005 => File Infected with "Trojan-Downloader.Win32.Agent.eq". Action Taken: File deleted!
Sa Mrz 26 10:36:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\14642BEC.tmp
Sa Mrz 26 10:36:20 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\35856252.tmp
Sa Mrz 26 10:36:20 2005 => File Infected with "Email-Worm.Win32.NetSky.c". Action Taken: File deleted!
Sa Mrz 26 10:36:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\74B53510.tmp
Sa Mrz 26 10:36:21 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\24256FE2.tmp
Sa Mrz 26 10:36:21 2005 => File Infected with "Email-Worm.Win32.Sober.i". Action Taken: File deleted!
Sa Mrz 26 10:36:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\74DC2CE5.tmp
Sa Mrz 26 10:36:21 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\74F67CC8.tmp
Sa Mrz 26 10:36:21 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\63B7167C.tmp
Sa Mrz 26 10:36:22 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\1CB52DB8.tmp
Sa Mrz 26 10:36:22 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\750A78B2.tmp
Sa Mrz 26 10:36:22 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\335323F5.tmp
Sa Mrz 26 10:36:22 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\751A4AA0.tmp
Sa Mrz 26 10:36:23 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\1D3E1C8A.tmp
Sa Mrz 26 10:36:23 2005 => File Infected with "Email-Worm.Win32.Bagle.ai". Action Taken: File deleted!
Sa Mrz 26 10:36:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\458137BD.tmp
Sa Mrz 26 10:36:23 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\36E54C18.tmp
Sa Mrz 26 10:36:23 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\37343BC1.tmp
Sa Mrz 26 10:36:23 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\1D852E39.tmp
Sa Mrz 26 10:36:23 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\0E7C5F5F.tmp
Sa Mrz 26 10:36:24 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\36647C8F.tmp
Sa Mrz 26 10:36:24 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5E874F8D.tmp
Sa Mrz 26 10:36:24 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5EAE4762.tmp
Sa Mrz 26 10:36:24 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2C8E55F0.tmp
Sa Mrz 26 10:36:24 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\56B06E28.exe
Sa Mrz 26 10:36:25 2005 => File Infected with "Backdoor.Win32.Small.dc". Action Taken: File renamed!
Sa Mrz 26 10:36:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5BC63A89.tmp
Sa Mrz 26 10:36:25 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\756D1A01.tmp
Sa Mrz 26 10:36:25 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\7E7348E8.tmp
Sa Mrz 26 10:36:26 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!

Alt 31.03.2005, 23:16   #13
Workman
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


... und hier Teil II:


Sa Mrz 26 10:36:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\51F81AFE.tmp
Sa Mrz 26 10:36:26 2005 => File Infected with "Email-Worm.Win32.NetSky.q". Action Taken: File deleted!
Sa Mrz 26 10:36:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\523638B9.tmp
Sa Mrz 26 10:36:26 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\50B00661.tmp
Sa Mrz 26 10:36:26 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\219043A7.tmp
Sa Mrz 26 10:36:26 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\168E2970.tmp
Sa Mrz 26 10:36:27 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2D087B45.tmp
Sa Mrz 26 10:36:27 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\13D504B2.tmp
Sa Mrz 26 10:36:27 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5EEB75C7.tmp
Sa Mrz 26 10:36:27 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\29E0626E.tmp
Sa Mrz 26 10:36:27 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\37177903.tmp
Sa Mrz 26 10:36:28 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\0D9C365F.tmp
Sa Mrz 26 10:36:28 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\79CD4EBA.tmp
Sa Mrz 26 10:36:28 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\625D64CC.tmp
Sa Mrz 26 10:36:28 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\1C9279E1.tmp
Sa Mrz 26 10:36:29 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4B4C7398.tmp
Sa Mrz 26 10:36:29 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\06C564B7.tmp
Sa Mrz 26 10:36:29 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\49E45CD7.tmp
Sa Mrz 26 10:36:29 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\27B257E4.tmp
Sa Mrz 26 10:36:29 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5CF62346.tmp
Sa Mrz 26 10:36:30 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6E2D6A9B.tmp
Sa Mrz 26 10:36:30 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\343662ED.tmp
Sa Mrz 26 10:36:30 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\1ADB4F1D.tmp
Sa Mrz 26 10:36:30 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\57494E54.tmp
Sa Mrz 26 10:36:30 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\53232051.tmp
Sa Mrz 26 10:36:31 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:36:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3B427128.tmp
Sa Mrz 26 10:36:31 2005 => File Infected with "Email-Worm.Win32.NetSky.d". Action Taken: File deleted!
Sa Mrz 26 10:47:03 2005 => Scanning File C:\FOUND.000\FILE0002.CHK
Sa Mrz 26 10:47:04 2005 => File Infected with "Trojan-Downloader.Win32.Agent.bc". Action Taken: File deleted!
Sa Mrz 26 10:47:04 2005 => Scanning File C:\FOUND.000\FILE0003.CHK
Sa Mrz 26 10:47:04 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!
Sa Mrz 26 10:47:22 2005 => Scanning File C:\System Volume Information\_restore{BF9BDB7D-969F-44FF-A91E-F2A7B1126BB5}\RP180\A0069283.dll
Sa Mrz 26 10:47:22 2005 => File Infected with "Trojan-Downloader.Win32.Agent.jb". Action Taken: File deleted!
Sa Mrz 26 10:48:28 2005 => Scanning File C:\System Volume Information\_restore{BF9BDB7D-969F-44FF-A91E-F2A7B1126BB5}\RP199\A0076030.dll
Sa Mrz 26 10:48:29 2005 => File Infected with "Trojan-Downloader.Win32.Agent.al". Action Taken: File deleted!

Sa Mrz 26 10:59:00 2005 => ***** Scanning Completed. *****
Sa Mrz 26 10:59:00 2005 =>
Sa Mrz 26 10:59:00 2005 => Total Number of Files Scanned: 73434
Sa Mrz 26 10:59:00 2005 => Total Number of Files Infected: 215
Sa Mrz 26 10:59:00 2005 => Total Number of Files Disinfected: 0
Sa Mrz 26 10:59:00 2005 => Total Number of Files Renamed: 17
Sa Mrz 26 10:59:00 2005 => Total Number of Files Deleted: 198
Sa Mrz 26 10:59:00 2005 => Total Number of Errors: 0
Sa Mrz 26 10:59:00 2005 => Time Elapsed:: 01:18:34



noch fragen?

Danke für die Hilfe!

Gruß Workman

Alt 01.04.2005, 00:22   #14
dartus
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Hallo Workman,

bei der Menge
Zitat:
Sa Mrz 26 10:59:00 2005 => Total Number of Files Infected: 215
und Backdoortrojanern http://en.wikipedia.org/wiki/Botnet
Zitat:
C:\WINDOWS\system32\apihl.exe
Sa Mrz 26 09:42:58 2005 => File Infected with "Backdoor.Win32.Small.dc
ist mein Rat:

http://www.trojaner-board.de/showthread.php?t=12154

Um folgendes zu vermeiden:
http://www.trojaner-board.com/showthread.php?t=14669
http://www.heise.de/newsticker/meldung/57030
http://www.heise.de/newsticker/meldung/51689

Thema Datensicherung:
http://www.trojaner-board.de/showpos...8&postcount=11

sry
dartus

Alt 01.04.2005, 21:17   #15
cookie_ms
 
bitte hilfe: HjT Logfile - Standard

bitte hilfe: HjT Logfile


Hallo,

was ist der Unterschied von einem Trojaner und einem Backdoor Trojaner?

Gruß cookie

Antwort
Seite 1 von 2 1 2

Themen zu bitte hilfe: HjT Logfile
adobe, antivirus, bho, canon, dateien, drivers, file missing, google, hijack, hijackthis, home, hotkey, internet, internet explorer, logfile, messenger, microsoft, monitor, problem, programme, security, security center, software, symantec, temp, urlsearchhook, windows, windows messenger, windows xp


« Suche kompetente Hilfe, Biete aufrichtigen Dank | hilfe, habe schon 200 puls »


Ähnliche Themen: bitte hilfe: HjT Logfile


  1. LogFile, bitte um Hilfe
    Log-Analyse und Auswertung - 12.07.2009 (13)
  2. Bitte um Hilfe / Logfile
    Log-Analyse und Auswertung - 22.04.2009 (0)
  3. Bitte um Hilfe bei logfile
    Mülltonne - 28.10.2008 (0)
  4. bitte um Hilfe zu logfile
    Log-Analyse und Auswertung - 02.04.2007 (4)
  5. Bitte um Hilfe bei logfile
    Log-Analyse und Auswertung - 02.04.2007 (1)
  6. LogFile Bitte um Hilfe
    Log-Analyse und Auswertung - 06.02.2007 (7)
  7. logfile! Bitte um Hilfe !!!
    Log-Analyse und Auswertung - 02.12.2005 (10)
  8. Logfile .. Bitte Hilfe
    Log-Analyse und Auswertung - 27.11.2005 (8)
  9. Bitte um Hilfe mit der HJT-Logfile!
    Log-Analyse und Auswertung - 10.11.2005 (1)
  10. logfile bitte um hilfe
    Log-Analyse und Auswertung - 30.09.2005 (2)
  11. bitte hilfe bei logfile!!
    Log-Analyse und Auswertung - 20.04.2005 (1)
  12. LogFile - Bitte um Hilfe!
    Log-Analyse und Auswertung - 06.04.2005 (2)
  13. Logfile - Bitte um Hilfe
    Log-Analyse und Auswertung - 14.02.2005 (1)
  14. BITTE logfile hilfe !
    Log-Analyse und Auswertung - 14.01.2005 (20)
  15. bitte um hilfe - logfile
    Log-Analyse und Auswertung - 13.01.2005 (2)
  16. Bitte um Hilfe / Logfile
    Log-Analyse und Auswertung - 16.11.2004 (7)
  17. Bitte um Hilfe bei Logfile
    Log-Analyse und Auswertung - 09.10.2004 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema bitte hilfe: HjT Logfile - guten abend habe ein massives Problem mit meinem Rechner: iExplorer startet nur mit gejackter Seite, Explorer gar nicht mehr, Systemsteuerung ebenfalls nicht, Rechner ist ewige langsam.... hier das logfile Logfile - bitte hilfe: HjT Logfile...
Archiv
Du betrachtest: bitte hilfe: HjT Logfile auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58