Zurück   Trojaner-Board > Sicherheit > Log-Analyse und Auswertung
"Verseuchter" Computer ...

"Verseuchter" Computer ...


Log-Analyse und Auswertung: "Verseuchter" Computer ...

Windows 7 Hier könnt Ihr Logs zwecks Auswertung posten. So bekommt man Hilfe: Erste Schritte zur Hilfe!

Antwort
Seite 1 von 4 1 23 Letzte »
Alt 16.11.2004, 22:39   #1
BusterKe
 
"Verseuchter" Computer ... - Standard "Verseuchter" Computer ...
Logfile of HijackThis v1.98.2
Scan saved at 23:28:54, on 16.11.04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\WINTOOLS\WTOOLSA.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAMME\TOOLBAR\TBPS.EXE
C:\PROGRAMME\TOOLBAR\PIB.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAMME\GEMEINSAME DATEIEN\WINTOOLS\WSUP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\PROGRAMME\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAMME\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\PROGRAMME\NORTON ANTIVIRUS\POPROXY.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\CMEII\CMESYS.EXE
C:\WINDOWS\SYSTEM\CGTASK.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\180AX.EXE
C:\PROGRAMME\CASHBACK\BIN\CASHBACK.EXE
C:\PROGRAMME\BULLSEYE NETWORK\BIN\BARGAINS.EXE
C:\PROGRAMME\INTEL\INTEL PSNCU\CPUNUMBER.EXE
C:\PROGRAMME\ICQ\NDETECT.EXE
C:\PROGRAMME\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\GMT\GMT.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINS32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMME\MICROSOFT OFFICE\OFFICE\OSA9.EXE
C:\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.searchxl.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchxl.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.searchxl.com/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.a1.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchxl.com/ie/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50162
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\TOOLBAR\TOOLBAR.DLL/sa
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:NavigationFailure
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.searchv.com/w/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchv.com/w/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:NavigationFailure
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\TOOLBAR\TOOLBAR.DLL/sa
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer von A1.net
O2 - BHO: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\Programme\Toolbar\toolbar.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\GEMEIN~1\WINTOOLS\WTOOLSB.DLL
O2 - BHO: (no name) - {14954F05-380D-11D9-83FE-9D533CB8B203} - C:\WINDOWS\SYSTEM\GLO.DLL
O3 - Toolbar: IEMenuExtension toolbar - {6b95678d-30a4-4ff8-a72f-4208340c1f7f} - C:\PROGRAMME\IEMENUEXTENSION\TBEXTN.DLL
O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\Programme\Toolbar\toolbar.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [IrMon] IrMon.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [AtiKey] Atitask.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [POINTER] C:\Programme\Microsoft Hardware\Mouse\point32.exe
O4 - HKLM\..\Run: [NPROTECT] C:\Programme\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [Norton eMail Protect] C:\Programme\Norton AntiVirus\POPROXY.EXE
O4 - HKLM\..\Run: [CMESys] "C:\PROGRAMME\GEMEINSAME DATEIEN\CMEII\CMESYS.EXE"
O4 - HKLM\..\Run: [Cgtask Services] C:\WINDOWS\SYSTEM\cgtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SystemSearch] REGEDIT.EXE -S c:\ie.reg
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [180ax] c:\windows\180ax.exe
O4 - HKLM\..\Run: [fibql] C:\WINDOWS\fibql.exe
O4 - HKLM\..\Run: [CashBack] C:\Programme\CashBack\bin\cashback.exe
O4 - HKLM\..\Run: [BullsEye Network] C:\Programme\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [IE Menu Extension toolbar] rundll32.exe "C:\PROGRA~1\IEMENU~1\tbextn.dll" DllShowTB
O4 - HKLM\..\Run: [TBPS] C:\Programme\Toolbar\TBPS.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\GEMEIN~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [NPROTECT] C:\Programme\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Programme\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Programme\Gemeinsame Dateien\Symantec Shared\SymTray.exe "Norton SystemWorks"
O4 - HKLM\..\RunServices: [WinTools] C:\PROGRA~1\GEMEIN~1\WINTOOLS\WTOOLSA.EXE
O4 - HKLM\..\RunServicesOnce: [TBPS] C:\Programme\Toolbar\TBPS.exe /boot
O4 - HKLM\..\RunServicesOnce: [WinTools] C:\PROGRA~1\GEMEIN~1\WINTOOLS\WTOOLSA.EXE /boot
O4 - HKCU\..\Run: [IntelProcNumUtility] "C:\Programme\Intel\Intel PSNCU\CPUNumber.exe" /nosplash
O4 - HKCU\..\Run: [Mirabilis ICQ] C:\Programme\ICQ\NDetect.exe
O4 - HKCU\..\Run: [MsnMsgr] "c:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunServices: [IntelProcNumUtility] "C:\Programme\Intel\Intel PSNCU\CPUNumber.exe" /nosplash
O4 - HKCU\..\RunServices: [Mirabilis ICQ] C:\Programme\ICQ\NDetect.exe
O4 - HKCU\..\RunServices: [MsnMsgr] "c:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [win32] c:\program files\wins32.exe
O4 - HKCU\..\RunServicesOnce: [win32] c:\program files\wins32.exe
O4 - Startup: GStartup.lnk = C:\Programme\Gemeinsame Dateien\GMT\GMT.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.a1.net/
O16 - DPF: {2FF18E10-DE11-11D1-8161-00A0C90DD90C} (MSNBC News Menu Control 3.0) - http://www.zdf.msnbc.de/tools/NewsBrowser/nm0713.cab
O16 - DPF: {A1DC3241-B122-195F-B21A-000000000000} - http://pluginaccess.com/Browser_Plugin.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1755c5764b3e5a5...dxIE601_de.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...tup1.0.0.6.cab
O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\MAIN.MHT!http://d.dialer2004.com//colin/main.chm::/load.exe
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.johannrain-softwareentwic...itdefender.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://housecall.trendmicro-europe.c...ll/Xscan53.cab
O16 - DPF: {11111111-1111-1111-1111-111111113458} - file://C:\WINDOWS\Tempor~1\Content.IE5\4XQJ4XYB\explorer2[1].cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://195.225.177.13/420/online.chm::/on-line.exe
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/.../Installer.exe
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/loader2.ocx
O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\Programme\Toolbar\toolbar.dll
O18 - Filter: text/html - {7E7A40E0-14CE-11D9-83FE-005015D30AEE} - C:\WINDOWS\SYSTEM\GLO.DLL
O18 - Filter: text/plain - {7E7A40E0-14CE-11D9-83FE-005015D30AEE} - C:\WINDOWS\SYSTEM\GLO.DLL
Geändert von BusterKe (16.11.2004 um 23:34 Uhr)

Alt 16.11.2004, 22:39   #2
BusterKe
 
"Verseuchter" Computer ... - Ausrufezeichen

AW: "Verseuchter" Computer ...



Guten Abend Insider!

Ich habe nun einige Zeit im Internet gestöbert und versucht alle möglichen Informationen zu sammeln. Habe nun HijackThis gefunden und ausgeführt, kann jedoch die damit verbundenen Informationen nicht wirklich verarbeiten . Nun bin ich auf dieses Forum gestoßen, und hoffe auf diesem Weg einige Probleme beheben zu können ... oder vielleicht bleibt doch nur die Möglichkeit von format C: :-(

Falls jemand Zeit findet und das file durchsehen und mir bezüglich der weiteren Vorgehensweise helfen könnte wäre ich sehr dankbar.

Alt 16.11.2004, 22:59   #3
*Christian*
Gast
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
Benutze die aktuelle Version von HijackThis: 1.98.2


Alt 16.11.2004, 23:36   #4
BusterKe
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
Danke für den Hinweis. Ich habe nun die Version 1.98.2 heruntergeladen und ausgeführt. Ich habe das entsprechnde Logfile unten ersetzt.

Herzlichen Dank im vorraus!

Alt 16.11.2004, 23:56   #5
*Christian*
Gast
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
Um eine Neuinstallation wirst du wahrscheinlich nicht herumkommen.

Aber scanne mal hiermit im abg. Modus: eScan-Anleitung

Vielleicht finden wir ja etwas Neues.


Alt 17.11.2004, 18:34   #6
BusterKe
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
Hi!
Ich bin gerade dabei den Comp zu scannen ... Was genau soll ich posten? - das Log-File ist riesig ...

Alt 17.11.2004, 18:38   #7
chaosman
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
@BusterKe
nur das letzte teil wo die ergebnisse stehen

chaosman
__________________
Bonus vir semper tiro Kein Support per PM

@ all: Bitte aktive Links und persönliche Infos in HJT-Logfiles editieren!! z.B. http in h**p

Alt 17.11.2004, 18:52   #8
BusterKe
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
ok, danke

ist es das was du meinst ... ist nur ein auszug, das geht noch endlos weiter ...

File C:\WINDOWS\SYSTEM\NANDS.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\SHRAPI.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\PROGRA~1\GEMEIN~1\WINTOOLS\WTOOLSB.DLL tagged as not-a-virus:AdWare.Wintol.p. No Action Taken.
File C:\WINDOWS\SYSTEM\GLO.DLL infected by "Trojan.Win32.StartPage.ix" Virus. Action Taken: No Action Taken.
File C:\PROGRA~1\GEMEIN~1\CMEII\CMESYS.EXE tagged as not-a-virus:AdWare.Gator.5115. No Action Taken.
File C:\WINDOWS\fibql.exe tagged as not-a-virus:AdWare.180Solutions. No Action Taken.
File C:\Programme\CashBack\bin\cashback.exe tagged as not-a-virus:AdWare.BargainBuddy.j. No Action Taken.
File C:\PROGRA~1\BULLSE~1\BIN\BARGAINS.EXE tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\ACSSUN.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\WINDOWS\TSAd.dll tagged as not-a-virus:AdWare.TimeSink. No Action Taken.
File C:\WINDOWS\VcpDLL.dll tagged as not-a-virus:AdWare.TimeSink. No Action Taken.
File C:\WINDOWS\winshow.dll infected by "TrojanDownloader.Win32.WinShow.b" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\fibql.exe tagged as not-a-virus:AdWare.180Solutions. No Action Taken.
File C:\WINDOWS\internet.exe infected by "Trojan.Win32.Dialer.et" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\EDow_AS2.exe infected by "TrojanDownloader.Win32.QDown.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\package8032_SIAC.exe tagged as not-a-virus:AdWare.BargainBuddy.l. No Action Taken.
File C:\WINDOWS\IEMenuExtension.exe tagged as not-a-virus:AdWare.Toolbar.Ucmore. No Action Taken.
File C:\WINDOWS\180axhook.dll tagged as not-a-virus:AdWare.180Solutions. No Action Taken.
File C:\WINDOWS\autoheal.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\ffInst.exe tagged as not-a-virus:AdWare.Look2Me. No Action Taken.
File C:\WINDOWS\SYSTEM\exdl.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\mqexdlm.srg tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\exul.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\javexulm.vxd tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\hnsys32.dll infected by "Trojan.Win32.Delf.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\d2kcol.exe infected by "Trojan.Win32.Dialer.u" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\glo.dll infected by "Trojan.Win32.StartPage.ix" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\msbe.dll tagged as not-a-virus:AdWare.BargainBuddy.l. No Action Taken.
File C:\WINDOWS\SYSTEM\mscb.dll tagged as not-a-virus:AdWare.BargainBuddy.l. No Action Taken.
File C:\WINDOWS\SYSTEM\NaNDS.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\CoGWIZ.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\exdl0.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\angelex.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\SYSTEM\exdl3.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\exdl1.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\mac80ex.idf tagged as not-a-virus:AdWare.BargainBuddy.l. No Action Taken.
File C:\WINDOWS\SYSTEM\psis80ex.ax tagged as not-a-virus:AdWare.BargainBuddy.l. No Action Taken.
File C:\WINDOWS\SYSTEM\netut80ex.vxd tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\exul3.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\exul1.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\WINDOWS\SYSTEM\ItSETUP.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\NsTAPI.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\akupd.dll infected by "TrojanDownloader.Win32.Agent.br" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM\WrOCK32.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\NaTDI.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\IfSETUP.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\IpSETUP.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\SlRAPI.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\DuNDI.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\WwOCK32.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\SYSTEM\ShRAPI.DLL tagged as not-a-virus:AdWare.Look2Me.l. No Action Taken.
File C:\WINDOWS\TEMP\ICD1.tmp\explorer.exe infected by "Trojan.Win32.Dialer.et" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMP\sp.html infected by "Trojan.JS.StartPage.u" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\ZVYI918F\package8032_SIAC[1].exe tagged as not-a-virus:AdWare.BargainBuddy.l. No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\ZVYI918F\Installer[1].exe tagged as not-a-virus:AdWare.Look2Me. No Action Taken.
File C:\WINDOWS\TEMPOR~1\CONTENT.IE5\HBM3RTG4\EDow_AS2[1].exe infected by "TrojanDownloader.Win32.QDown.m" Virus. Action Taken: No Action Taken.

Alt 17.11.2004, 19:36   #9
Shadowdance
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
@ BusterKe

na, dann gib mal das riesige Teil ins Forum .. so lange kann es ja eigentlich nicht sein?

SD

Alt 18.11.2004, 00:08   #10
BusterKe
 
"Verseuchter" Computer ... - Standard AW: "Verseuchter" Computer ...
File C:\Programme\Norton AntiVirus\Quarantine\78272E29.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\787847D0.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\78996BAC.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\78BA0F88.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\78EB0552.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\790B292E.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\79332103.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\797A3CB4.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0FC47950.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\233C2E2A.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\234F2A14.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\236D23F4.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\238449DB.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\23B53FA5.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\24105740.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\24447707.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\24BD0882.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\484F2FEC.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\32F933F6.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\33317DB8.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\514C0C98.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\5F470458.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\5F5B0042.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\2627757C.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\263E1B63.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\267C391F.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\34237EA0.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\34474C79.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\182A0A8C.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\18445A6F.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\4CDA1BB5.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\3E831A0C.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\3EA767E5.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\57D0799E.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\2188130D.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0ECC0C39.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0F0455FC.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\1A074E24.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\7FF329A7.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\00134D83.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\153D1EE4.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\157812A3.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\15BD0457.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\32D323C1.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\79207C64.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0ACB26A4.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\12460AF0.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\126D02C5.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\129E788F.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\61953F0E.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\7BF00453.bat infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\09FC068B.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0A2D7C55.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\2C384D0E.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\41634400.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\59376804.scr infected by "I-Worm.Lentin.g" Virus. Action Taken: No Action Taken.
File C:\Programme\TimeSink\AdGateway\TSADBOT.EXE tagged as not-a-virus:AdWare.TimeSink. No Action Taken.
File C:\Programme\CashBack\bin\cashback.exe tagged as not-a-virus:AdWare.BargainBuddy.j. No Action Taken.
File C:\Programme\CashBack\bin\cb.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\Programme\CashBack\bin\flash.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\Programme\BullsEye Network\bin\bargains.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\Programme\BullsEye Network\bin\adv.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\Programme\BullsEye Network\bin\adx.exe tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\Programme\Toolbar\IExploreSkins.exe tagged as not-a-virus:RiskWare.Tool.Exporun. No Action Taken.
File C:\RECYCLED\NPROTECT\00041497.EXE tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\RECYCLED\NPROTECT\00041498.EXE tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\RECYCLED\NPROTECT\00041501.EXE tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\RECYCLED\NPROTECT\00041585.EXE tagged as not-a-virus:AdWare.BargainBuddy.n. No Action Taken.
File C:\RECYCLED\NPROTECT\00041439.DL_ infected by "TrojanDownloader.Win32.Agent.br" Virus. Action Taken: No Action Taken.
File C:\RECYCLED\NPROTECT\00041958.EXE infected by "Backdoor.Delf.da" Virus. Action Taken: No Action Taken.
File C:\RECYCLED\DC30\Installr\1.bin\F3EZSETP.DLL tagged as not-a-virus:RiskWare.Downloader.FunWeb. No Action Taken.
File C:\RECYCLED\DC32.DLL infected by "Trojan.Win32.SurferBar" Virus. Action Taken: No Action Taken.
File C:\Program Files\wins32.exe infected by "Trojan.Win32.SurferBar" Virus. Action Taken: No Action Taken.
File C:\Downloads\DivX5.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\Downloads\DivX503Bundle.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\dialler.exe tagged as not-a-virus:PornWare.Dialer.WebDialer. No Action Taken.
File C:\sfbar.exe infected by "Trojan.Win32.SurferBar" Virus. Action Taken: No Action Taken.

Antwort
Seite 1 von 4 1 23 Letzte »

Stichworte zu "Verseuchter" Computer ...
.inf, antivirus, bho, computer, content.ie5, cpu, dateien, email, explorer, hijack, hijackthis, icq, internet, internet explorer, logfile, messenger, microsoft, msn, msn messenger, programme, registry, rundll, software, symantec, system, windows


« Vorheriges Thema | Nächstes Thema »

Ähnliche Themen: "Verseuchter" Computer ...


  1. "Deutsche Post(eMail-Anhang)" Alle "EXE(Programme)" werden blockiert "WIN 7 Defender"
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (3)
  2. Bundestrojaner Variante: "Ihr Computer wurde gesperrt"; " Ihr Computer wurde durch das Speichern der autom. Informationskontrolle gesperrt"
    Log-Analyse und Auswertung - 25.11.2012 (10)
  3. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  4. BKA-Variante "Der computer ist für die Verletzung..." hat meinen Computer befallen!
    Log-Analyse und Auswertung - 15.08.2012 (15)
  5. Windows 7 64 Bit "GVU"" Ihr Computer wurde gesperrt."
    Log-Analyse und Auswertung - 30.07.2012 (27)
  6. AVIRA meldet "W32/Patched.ZA", "TR/ATRAPS.Gen2", "TR/ATRAPS.Gen", "ZR/sirefe.P.487"
    Log-Analyse und Auswertung - 30.07.2012 (9)
  7. "verseuchter" E-mail Link vs. Sandboxed Browser
    Antiviren-, Firewall- und andere Schutzprogramme - 30.09.2011 (7)
  8. Öffentliches Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Netzwerk und Hardware - 02.05.2011 (14)
  9. Logfile - nach Versuch von "twgg.org" meinen Computer zu "reinigen"
    Log-Analyse und Auswertung - 28.05.2010 (5)
  10. Kann nichts mehr runterladen, auch nicht "HiJack This"! ("Your Computer is infected")
    Plagegeister aller Art und deren Bekämpfung - 21.10.2008 (9)
  11. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  12. Beheben des Problems "kein Internet"/"rsvp32_2.dll"/"Can't load library from memory"
    Plagegeister aller Art und deren Bekämpfung - 25.03.2007 (22)
  13. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)
  14. "Search for" und "your computer is infected by......"
    Log-Analyse und Auswertung - 11.02.2005 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung- GMER - Rootkit Scanner

- Rootkit TDSS / TDL4 entfernen

- GVU Trojaner Ransomware Info Seite

- Secunia Personal Software Inspector (PSI)

- GVU Trojaner GVU Trojaner mit Webcam

- Anleitung: Rootkit RKIT/Kryptic entfernen

- Avira AntiVir Rescue System

- Kaspersky Rescue Disk


Zum Thema "Verseuchter" Computer ... - Logfile of HijackThis v1.98.2 Scan saved at 23:28:54, on 16.11.04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v5.50 (5.50.4134.0600) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAMME\NORTON SYSTEMWORKS\NORTON Windows 7 "Verseuchter" Computer ......
Archiv
Du betrachtest: "Verseuchter" Computer ... auf Trojaner-Board

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20