überall daosearch

juventino · 29.03.2005, 12:53

hallo miteinander

ich habe ein problem und nämlich, dass sehr oft wenn ich auf ein link klicke immer die seite daosearch.com auf geht.....aber auch wenn ich in google was suche kommt dies immer.......und wenn ich einen text lese wie z.b hier im forum kommer so unterstrichene wörter vor mit dem link daosearch.........und allgemein habe ich das gefühl ,dass das internet seit dem langsamer ist als sonst.

ich wäre froh wenn mir jemand helfen könnte

Gigamail · 29.03.2005, 12:58

Hi,

erstelle ein Hijack This Logfile und poste es mittels copy&paste:Direktdownload hier Denk bitte daran, dass das Programm Hijack This in einem neuen Ordner unter C: laufen sollte, siehe dazu auch Hijack This

juventino · 29.03.2005, 13:15

hallo hoffe dass es so richtig ist:
Logfile of HijackThis v1.99.1
Scan saved at 14:15:12, on 29.03.2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\Programme\Norton AntiVirus\SAVScan.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Messenger Plus! 3\MsgPlus.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINNT\vsnpstd.exe
C:\Programme\NetPumper\NetPumperIEProxy.exe
C:\WINNT\system32\Services\{25BAA8F3-1778-4AF2-B1B1-B54B53C39C81}\SVCHOST.EXE
C:\Programme\Java\j2re1.4.2_05\bin\jucheck.exe
C:\WINNT\system32\internat.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\WINNT\system32\stisvc.exe
C:\Programme\a2\a2guard.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\WINNT\system32\wuauclt.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\A.didii\Eigene Dateien\hijjack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://targetclicks.net/srch.php?qq=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\dskrfuoui.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\dskrfuoui.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bluewin.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\dskrfuoui.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\dskrfuoui.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\dskrfuoui.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\dskrfuoui.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von Bluewin AG
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
O1 - Hosts: 127.0.0.3 n-glx.s-redirect.com
O1 - Hosts: 127.0.0.3 x.full-tgp.net
O1 - Hosts: 127.0.0.3 counter.sexmaniack.com
O1 - Hosts: 127.0.0.3 autoescrowpay.com
O1 - Hosts: 127.0.0.3 www.autoescrowpay.com
O1 - Hosts: 127.0.0.3 www.awmdabest.com
O1 - Hosts: 127.0.0.3 www.sexfiles.nu
O1 - Hosts: 127.0.0.3 awmdabest.com
O1 - Hosts: 127.0.0.3 sexfiles.nu
O1 - Hosts: 127.0.0.3 allforadult.com
O1 - Hosts: 127.0.0.3 www.allforadult.com
O1 - Hosts: 127.0.0.3 www.iframe.biz
O1 - Hosts: 127.0.0.3 iframe.biz
O1 - Hosts: 127.0.0.3 www.newiframe.biz
O1 - Hosts: 127.0.0.3 newiframe.biz
O1 - Hosts: 127.0.0.3 www.vesbiz.biz
O1 - Hosts: 127.0.0.3 vesbiz.biz
O1 - Hosts: 127.0.0.3 www.pizdato.biz
O1 - Hosts: 127.0.0.3 pizdato.biz
O1 - Hosts: 127.0.0.3 www.aaasexypics.com
O1 - Hosts: 127.0.0.3 aaasexypics.com
O1 - Hosts: 127.0.0.3 www.virgin-tgp.net
O1 - Hosts: 127.0.0.3 virgin-tgp.net
O1 - Hosts: 127.0.0.3 www.awmcash.biz
O1 - Hosts: 127.0.0.3 awmcash.biz
O1 - Hosts: 127.0.0.3 buldog-stats.com
O1 - Hosts: 127.0.0.3 www.buldog-stats.com
O1 - Hosts: 127.0.0.3 fregat.drocherway.com
O1 - Hosts: 127.0.0.3 slutmania.biz
O1 - Hosts: 127.0.0.3 www.slutmania.biz
O1 - Hosts: 127.0.0.3 toolbarpartner.com
O1 - Hosts: 127.0.0.3 www.toolbarpartner.com
O1 - Hosts: 127.0.0.3 www.megapornix.com
O1 - Hosts: 127.0.0.3 megapornix.com
O1 - Hosts: 127.0.0.3 www.sp2fucked.biz
O1 - Hosts: 127.0.0.3 sp2fucked.biz
O1 - Hosts: 127.0.0.3 greg-tut.com
O1 - Hosts: 127.0.0.3 www.greg-tut.com
O1 - Hosts: 127.0.0.3 nylonsexy.com
O1 - Hosts: 127.0.0.3 www.nylonsexy.com
O1 - Hosts: 127.0.0.3 vparivalka.com
O1 - Hosts: 127.0.0.3 www.vparivalka.com
O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINNT\BTGrab.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~2.DLL (file missing)
O2 - BHO: (no name) - {2A83C031-0A80-4BCC-B194-B14BE77382DF} - C:\WINNT\system32\dskrfuoui.dll
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: FreshBar - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} - C:\WINNT\system32\docntrop.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [snpstd] C:\WINNT\vsnpstd.exe
O4 - HKLM\..\Run: [yFBWt1S0] C:\WINNT\qcqxir.exe
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [apeuulmual] C:\WINNT\system32\tyeasush.exe
O4 - HKLM\..\Run: [IST Service] C:\Programme\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [NetPumper] "C:\Programme\NetPumper\NetPumperIEProxy.exe"
O4 - HKLM\..\Run: [Disk Keeper] C:\DOKUME~1\A47C3~1.DID\LOKALE~1\Temp\keep.exe
O4 - HKLM\..\Run: [Service Host] C:\WINNT\system32\Services\{25BAA8F3-1778-4AF2-B1B1-B54B53C39C81}\SVCHOST.EXE
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programme\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [GoldenFTPserver] C:\Programme\Golden FTP Server\GoldenFTPServer.exe
O4 - HKCU\..\Run: [a-squared] "C:\Programme\a2\a2guard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNfox000
O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\System32\msjava.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.bluewin.ch/
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht!http://69.50.166.213/users/tuma/web/...m::/update.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6854E25E-1BEB-4876-A80F-328B439E6E68}: NameServer = 69.50.176.197,195.225.176.31
O17 - HKLM\System\CS1\Services\VxD\MSTCP: NameServer = 69.50.176.197,195.225.176.31
O17 - HKLM\System\CS1\Services\Tcpip\..\{6854E25E-1BEB-4876-A80F-328B439E6E68}: NameServer = 69.50.176.197,195.225.176.31
O17 - HKLM\System\CS2\Services\VxD\MSTCP: NameServer = 69.50.176.197,195.225.176.31
O17 - HKLM\System\CS2\Services\Tcpip\..\{6854E25E-1BEB-4876-A80F-328B439E6E68}: NameServer = 69.50.176.197,195.225.176.31
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.176.197,195.225.176.31
O18 - Filter: text/html - {C9F4D046-AFF0-4F16-BB5F-5942CD5052D4} - C:\WINNT\system32\dskrfuoui.dll
O18 - Filter: text/plain - {C9F4D046-AFF0-4F16-BB5F-5942CD5052D4} - C:\WINNT\system32\dskrfuoui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ISEXEng - Unknown owner - C:\WINNT\system32\angelex.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe

dartus · 29.03.2005, 19:56

Hallo,

führe bitte dies mal aus:
1. Downloade Dir escan und genau befolge diese Anleitung (Scan IM ABGESIICHERTEN MODUS dauert etwa eine Stunde),
2. starte nach dem Scan wieder in den normalen Modus dauert,
3. öffne die Datei "mwav.log", klicke auf "bearbeiten" danach auf "suchen"
4. gebe dann "infected" ein,
5. suche weiter bei Treffern, markiere diese und kopiere sie ins Forum,
6. neben den Treffern auch das Gesamtergebnis (befindet sich ganz unter im Logfile) posten.

Beispiel:
Wed Feb 02 19:48:56 2005 => Total Files Scanned:
Wed Feb 02 19:48:56 2005 => Total Virus(es) Found:
.
.
.
.

dartus

juventino · 30.03.2005, 10:05

hallo
ich kann escan nicht downloaden, denn auf dem link das du mir gegeben hast steht download...........und wenn ich darauf klicke kommt eben daosearch raus.........und ich kann es nicht downloaden. könntest du mir vielleicht den direkt link geben?
danke

habe einen anderen link gefunden.......

ich brauche es doch......der andere link führt zu einer älteren version

dartus · 30.03.2005, 10:31

Versuchs es mal hier:

ftp://ftp.microworldsystems.com/

juventino · 30.03.2005, 10:41

Zitat:

Zitat von dartus

Versuchs es mal hier:

ftp://ftp.microworldsystems.com/

hier muss ich doch nur die File: mwav.exe saugen oder?

dartus · 30.03.2005, 10:42

genau.

dartus

juventino · 30.03.2005, 10:55

ich weiss ich bin mühsam.........aber muss ich nachdem ich z.b viren gefunden habe ich abgesicherten modus diese löschen oder einfach scannen und dann neustarten und normal scannen?

Gigamail · 30.03.2005, 11:04

@ juventino

lese den Post von Dartus dort steht wie Du es machen sollst. Erst scannen (abgesicherter modus) dann das Ergebnis miteilen (auch die Namen)

juventino · 30.03.2005, 13:36

hallo
es sieht sehr sehr schlecht aus:
Wed Mar 30 13:49:02 2005 => Total Files Scanned: 24170
Wed Mar 30 13:49:02 2005 => Total Virus(es) Found: 159
Wed Mar 30 13:49:02 2005 => Total Disinfected Files: 0
Wed Mar 30 13:49:02 2005 => Total Files Renamed: 0
Wed Mar 30 13:49:02 2005 => Total Deleted Files: 0
Wed Mar 30 13:49:02 2005 => Total Errors: 32
Wed Mar 30 13:49:02 2005 => Time Elapsed: 01:12:25
Wed Mar 30 13:49:02 2005 => Virus Database Date: 2005/03/30
Wed Mar 30 13:49:02 2005 => Virus Database Count: 124022

Wed Mar 30 13:49:02 2005 => Scan Completed.

weil es so viele sind habe ich nicht alle mit infected rein kopiert.........hier sind noch einige beispiele für die trojander die ich gefunden habe:
Trojan.Win32.Qhost.k oder Trojan-Downloader.Win32.Small.api oder Trojan-Clicker.Win32.Agent.cn

Gigamail · 30.03.2005, 14:06

Wahrscheinlich wird es eh besser sein die Kiste neu aufzusetzen. Warum hällst Du Dich nicht einfach an die Hilfen die Dir gestellt werden. Woher soll jetzt ein Mensch sehen in welchem Pfad die gefundenen dateien sind. Vielleicht ist auch ein Backdoor dabei, aber das würde der Inhalt Deiner Logdatei offenlegen. Also poste die kompletten Angaben

juventino · 30.03.2005, 14:38

so hoffe dass es so richtig ist

war nämlich ein hartes stück arbeit

File C:\WINNT\hosts infected by "Trojan.Win32.Qhost.k" Virus. Action Taken: No Action Taken.
File C:\WINNT\ms1.exe infected by "Trojan-Downloader.Win32.Small.api" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\audissrp.exe infected by "Trojan-Clicker.Win32.Agent.cn" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\autodmfp.exe infected by "Trojan-Dropper.Win32.Agent.gp" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\chkntfsfat.exe infected by "Trojan.Win32.StartPage.vt" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\chkntfsfat.exe infected by "Trojan.Win32.StartPage.vt" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\docntrop.dll infected by "Trojan.Win32.StartPage.sl" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\mac80ex.idf infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.j" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\SahHtml.exe infected by "not-a-virus:AdWare.Sahat.i" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\A47C3~1.DID\LOKALE~1\Temp\temp.fr3F8A infected by "not-a-virus:AdWare.Sahat.f" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\A47C3~1.DID\LOKALE~1\Temp\THI3002.tmp\btgrab.cab infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\A47C3~1.DID\LOKALE~1\Temp\THI3002.tmp\polall1b.exe infected by "Trojan-Downloader.Win32.Small.pv" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\A47C3~1.DID\LOKALE~1\Temp\trADC.tmp infected by "Trojan-Downloader.Win32.Agent.lc" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\A47C3~1.DID\LOKALE~1\Temp\zl.exe infected by "Trojan-Proxy.Win32.Agent.df" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\A.didii\Desktop\netpumper-1.20.1-setup.exe infected by "not-a-virus:AdWare.Gator.c" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\A.didii\Lokale Einstellungen\Temp\THI3002.tmp\btgrab.cab infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\A.didii\Lokale Einstellungen\Temp\THI3002.tmp\polall1b.exe infected by "Trojan-Downloader.Win32.Small.pv" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\A.didii\Lokale Einstellungen\Temp\trAD9.tmp infected by "Trojan-Downloader.Win32.Small.aph" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\A.didii\Lokale Einstellungen\Temp\trADC.tmp infected by "Trojan-Downloader.Win32.Agent.lc" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\A.didii\Lokale Einstellungen\Temp\zl.exe infected by "Trojan-Proxy.Win32.Agent.df" Virus. Action Taken: No Action Taken.
File C:\Program Files\Admilli Service\AdmilliComm.dll infected by "not-a-virus:AdWare.WinAD.k" Virus. Action Taken: No Action Taken.
File C:\Program Files\Admilli Service\AdmilliKeep.exe infected by "not-a-virus:AdWare.WinAD.k" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\07CB5510 infected by "not-a-virus:AdWare.Relevance.b" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0B550A7B infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0CF66B7D.txt infected by "Trojan.Win32.StartPage.pu" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0E5F2364 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0F0E4003 infected by "not-a-virus:AdWare.WinAD.j" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0F116A00 infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\0F1413FC infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\11E1466C infected by "Trojan-Downloader.JS.IstBar.b" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\13FB7CB4 infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\1422724C.txt infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\16F56A41 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\19506ABE infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\1B883781 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\21AA59C7.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\21F72989 infected by "Trojan-Downloader.Win32.IstBar.gp" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\226E30EF.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\25801B61 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
5 => File C:\Programme\Norton AntiVirus\Quarantine\28384DB5 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton AntiVirus\Quarantine\283B77B2 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
Scanning File C:\Programme\Norton AntiVirus\Quarantine\2889675B
Wed Mar 30 13:18:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2889675B infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:17 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\288D1158
Wed Mar 30 13:18:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\288D1158 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:17 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\28903B54
Wed Mar 30 13:18:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\28903B54 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:17 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\28936551
Wed Mar 30 13:18:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\28936551 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:17 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\289A3949
Wed Mar 30 13:18:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\289A3949 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:17 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\291C48BA
Wed Mar 30 13:18:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\291C48BA infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:17 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\29231CB2
Wed Mar 30 13:18:17 2005 => File C:\Programme\Norton AntiVirus\Quarantine\29231CB2 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:17 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\292646AF
Wed Mar 30 13:18:18 2005 => File C:\Programme\Norton AntiVirus\Quarantine\292646AF infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:18 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\292970AB
Wed Mar 30 13:18:18 2005 => File C:\Programme\Norton AntiVirus\Quarantine\292970AB infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:18 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2EF43BB5
Wed Mar 30 13:18:18 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2EF43BB5 infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:18 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2FC10A98.exe
Wed Mar 30 13:18:19 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2FC10A98.exe infected by "Trojan-Dropper.Win32.Delf.z" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:19 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2FC43495.exe
Wed Mar 30 13:18:19 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2FC43495.exe infected by "Trojan-Dropper.Win32.Delf.z" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:19 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\31E37A8C.exe
Wed Mar 30 13:18:20 2005 => File C:\Programme\Norton AntiVirus\Quarantine\31E37A8C.exe infected by "Trojan-Downloader.Win32.Small.ahg" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\339F19D1
Wed Mar 30 13:18:20 2005 => File C:\Programme\Norton AntiVirus\Quarantine\339F19D1 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\33AF1E67
Wed Mar 30 13:18:20 2005 => File C:\Programme\Norton AntiVirus\Quarantine\33AF1E67 infected by "not-a-virus:AdWare.FindSpy.a" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3B385B77.exe
Wed Mar 30 13:18:20 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3B385B77.exe infected by "Trojan-Downloader.Win32.Small.ahg" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3B9E517F.exe
Wed Mar 30 13:18:20 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3B9E517F.exe infected by "Trojan.Win32.StartPage.pu" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:20 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3D0F7435.exe
Wed Mar 30 13:18:21 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3D0F7435.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3D8231B7.exe
Wed Mar 30 13:18:21 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3D8231B7.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3E4932DC.exe
Wed Mar 30 13:18:21 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3E4932DC.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3E5A0CBE.exe
Wed Mar 30 13:18:21 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3E5A0CBE.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3F135DFD.exe
Wed Mar 30 13:18:21 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3F135DFD.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3F5D613A.php
Wed Mar 30 13:18:21 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3F5D613A.php infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3F6C4D93
Wed Mar 30 13:18:21 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3F6C4D93 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:21 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3FE1331B.exe
Wed Mar 30 13:18:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3FE1331B.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\40A83440.exe
Wed Mar 30 13:18:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\40A83440.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\416C0B68.exe
Wed Mar 30 13:18:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\416C0B68.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\42373689.exe
Wed Mar 30 13:18:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\42373689.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\46F27638.exe
Wed Mar 30 13:18:23 2005 => File C:\Programme\Norton AntiVirus\Quarantine\46F27638.exe infected by "Trojan-Dropper.Win32.Delf.z" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\49373D8A.exe
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\49373D8A.exe infected by "Trojan-Dropper.Win32.Delf.z" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\49E044C0.htm
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\49E044C0.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\49E044C0.php
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\49E044C0.php infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4A301D83
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4A301D83 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4C126C22.htm
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4C126C22.htm infected by "Exploit.VBS.Phel.a" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4C4A35E5.zip
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4C4A35E5.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4C5A07D3.class

juventino · 30.03.2005, 14:38

und der 2. teil(weil es zu viele ziechen hatte)
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4C5A07D3.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4C605BCC.class
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4C605BCC.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4C672FC5.class
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4C672FC5.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4C7457B7.htm
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4C7457B7.htm infected by "Exploit.VBS.Phel.a" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4C8429A5.dll
Wed Mar 30 13:18:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4C8429A5.dll infected by "Trojan-Downloader.Win32.Murlo.f" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4D3F02D8.exe
Wed Mar 30 13:18:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4D3F02D8.exe infected by "Trojan.Win32.StartPage.pu" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4D3F02D8.txt
Wed Mar 30 13:18:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4D3F02D8.txt infected by "Trojan.Win32.StartPage.pu" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4D4800CD.exe
Wed Mar 30 13:18:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4D4800CD.exe infected by "Trojan.Win32.StartPage.pu" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4D4800CD.txt
Wed Mar 30 13:18:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4D4800CD.txt infected by "Trojan.Win32.StartPage.pu" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4DA16E6C.exe
Wed Mar 30 13:18:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4DA16E6C.exe infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4E26360C.htm
Wed Mar 30 13:18:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4E26360C.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4E296008.php
Wed Mar 30 13:18:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4E296008.php infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4E5A144D.exe
Wed Mar 30 13:18:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4E5A144D.exe infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4E5A144D.txt
Wed Mar 30 13:18:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4E5A144D.txt infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4F5F0F1E
Wed Mar 30 13:18:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4F5F0F1E infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\527F49E8
Wed Mar 30 13:18:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\527F49E8 infected by "Trojan.Win32.Small.ds" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\528C71DA
Wed Mar 30 13:18:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\528C71DA infected by "not-a-virus:AdWare.Msnagent.a" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\52901BD6
Wed Mar 30 13:18:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\52901BD6 infected by "Trojan-Downloader.Win32.Delf.dg" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\52F25291.exe
Wed Mar 30 13:18:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\52F25291.exe infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\52F67C8E.txt
Wed Mar 30 13:18:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\52F67C8E.txt infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\52F9268A.exe
Wed Mar 30 13:18:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\52F9268A.exe infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\52F9268A.txt
Wed Mar 30 13:18:30 2005 => File C:\Programme\Norton AntiVirus\Quarantine\52F9268A.txt infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\52FC5087.exe
Wed Mar 30 13:18:30 2005 => File C:\Programme\Norton AntiVirus\Quarantine\52FC5087.exe infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\52FC5087.txt
Wed Mar 30 13:18:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\52FC5087.txt infected by "Backdoor.Win32.Haxdoor.cn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\55C05981
Wed Mar 30 13:18:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\55C05981 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\59845EC2.exe
Wed Mar 30 13:18:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\59845EC2.exe infected by "Trojan-Dropper.Win32.Microjoin.u" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5BEA2928
Wed Mar 30 13:18:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5BEA2928 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5E4F057B.exe
Wed Mar 30 13:18:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5E4F057B.exe infected by "Trojan-Downloader.Win32.Small.ahg" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5FB83D62
Wed Mar 30 13:18:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5FB83D62 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6077519A
Wed Mar 30 13:18:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6077519A infected by "IM-Worm.Win32.Bropia.g" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\630A7B24
Wed Mar 30 13:18:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\630A7B24 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\644D286D
Wed Mar 30 13:18:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\644D286D infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\64C676E3.exe
Wed Mar 30 13:18:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\64C676E3.exe infected by "Trojan-Downloader.Win32.Small.ahg" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\69DF4179.exe
Wed Mar 30 13:18:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\69DF4179.exe infected by "Trojan-Downloader.Win32.Small.ahg" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6A051160
Wed Mar 30 13:18:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A051160 infected by "not-a-virus:AdWare.Sahat.h" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6A2C0935
Wed Mar 30 13:18:33 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A2C0935 infected by "Trojan-Spy.Win32.Briss.e" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:33 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6A2F3331
Wed Mar 30 13:18:33 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A2F3331 infected by "not-a-virus:AdWare.WinAD.k" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:33 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6A335D2D
Wed Mar 30 13:18:33 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A335D2D infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:33 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6A393126
Wed Mar 30 13:18:33 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A393126 infected by "Trojan-Downloader.Win32.IstBar.gu" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:33 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6A40051F
Wed Mar 30 13:18:33 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A40051F infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:33 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6A432F1B
Wed Mar 30 13:18:33 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6A432F1B infected by "Trojan-Spy.Win32.Briss.j" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:33 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6BE648DF.exe
Wed Mar 30 13:18:34 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6BE648DF.exe infected by "Trojan-Downloader.Win32.Small.ahg" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:34 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6C8E2317.exe
Wed Mar 30 13:18:34 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6C8E2317.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:34 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6E1E37EE
Wed Mar 30 13:18:34 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6E1E37EE infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:34 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6E240BE7
Wed Mar 30 13:18:34 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6E240BE7 infected by "Trojan-Downloader.Win32.IstBar.go" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:34 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\71065B67
Wed Mar 30 13:18:34 2005 => File C:\Programme\Norton AntiVirus\Quarantine\71065B67 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:34 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\73C27BAC
Wed Mar 30 13:18:34 2005 => File C:\Programme\Norton AntiVirus\Quarantine\73C27BAC infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:34 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\75F15A72.exe
Wed Mar 30 13:18:35 2005 => File C:\Programme\Norton AntiVirus\Quarantine\75F15A72.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:35 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\78262D63
Wed Mar 30 13:18:35 2005 => File C:\Programme\Norton AntiVirus\Quarantine\78262D63 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:35 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\79777C67
Wed Mar 30 13:18:35 2005 => File C:\Programme\Norton AntiVirus\Quarantine\79777C67 infected by "Trojan.Win32.LowZones.ah" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:35 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\79A36F94
Wed Mar 30 13:18:35 2005 => File C:\Programme\Norton AntiVirus\Quarantine\79A36F94 infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:35 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\7C3927AA
Wed Mar 30 13:18:35 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7C3927AA infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:18:35 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\7F895A62
Wed Mar 30 13:18:35 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7F895A62 infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: No Action Taken.
File C:\w.exe infected by "Trojan-Downloader.Win32.Small.aod" Virus. Action Taken: No Action Taken.
Wed Mar 30 13:26:52 2005 => File C:\WINNT\Downloaded Program Files\load.exe infected by "Trojan-Downloader.Win32.Small.aod" Virus. Action Taken: No Action Taken.
File C:\WINNT\Downloaded Program Files\SAHAgent_.exe infected by "not-a-virus:AdWare.ShopAtHome.b" Virus. Action Taken: No Action Taken.
File C:\WINNT\Downloaded Program Files\SahHtml_.exe infected by "not-a-virus:AdWare.Sahat.i" Virus. Action Taken: No Action Taken.
File C:\WINNT\Downloaded Program Files\SAHUninstall_.exe infected by "not-a-virus:AdWare.Sahat.p" Virus. Action Taken: No Action Taken.
13:36:15 2005 => File C:\WINNT\hosts infected by "Trojan.Win32.Qhost.k" Virus. Action Taken: No Action Taken.
File C:\WINNT\ms1.exe infected by "Trojan-Downloader.Win32.Small.api" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\audissrp.exe infected by "Trojan-Clicker.Win32.Agent.cn" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\autodmfp.exe infected by "Trojan-Dropper.Win32.Agent.gp" Virus. Action Taken: No Action Taken.
=> File C:\WINNT\system32\chkntfsfat.exe infected by "Trojan.Win32.StartPage.vt" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\drivers\etc\hosts infected by "Trojan.Win32.Qhost.k" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\mac80ex.idf infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.j" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\SahHtml.exe infected by "not-a-virus:AdWare.Sahat.i" Virus. Action Taken: No Action Taken.
File C:\WINNT\system32\SahHtml.exe infected by "not-a-virus:AdWare.Sahat.i" Virus. Action Taken: No Action Taken.
=> File C:\WINNT\system32\Services\{51CA6A2A-2133-4945-B62F-7881DEECAD9E}\SVCHOST.EXE infected by "Trojan-Clicker.Win32.Agent.bw" Virus. Action Taken: No Action Taken.
Scanning File C:\WINNT\system32\Services\{51CA6A2A-2133-4945-B62F-7881DEECAD9E}\SVCHOST32.DLL
Wed Mar 30 13:47:31 2005 => File C:\WINNT\system32\Services\{51CA6A2A-2133-4945-B62F-7881DEECAD9E}\SVCHOST32.DLL infected by "Trojan-Clicker.Win32.Agent.bw" Virus. Action Taken: No Action Taken.

Wed Mar 30 13:47:31 2005 => Scanning File C:\WINNT\system32\Services\{51CA6A2A-2133-4945-B62F-7881DEECAD9E}\Update.exe
Wed Mar 30 13:47:32 2005 => File C:\WINNT\system32\Services\{51CA6A2A-2133-4945-B62F-7881DEECAD9E}\Update.exe infected by "Trojan-Dropper.Win32.Small.vn" Virus. Action Taken: No Action Taken.

wollte noch hinzufügen dass daosearch.com nicht mehr erscheint..........ohne jedoch etwas gelöscht zu haben

Gigamail · 30.03.2005, 16:23

@ juventino

Also bei der Durchseuchung ist ein Neuaufsetzen auf jeden Fall die sicherste Variante. Bei dem Backdoorvirus kann ich nicht sagen ob der schon ins System eingegriffen hat oder nicht, da er jetzt im Quarantäneordner von Norton steckt.

Ich würde dich bitten ehe du Dein System neu aufsetzt folgende Dateien (Siehe meine Signatur: Malware kostenlos prüfen) hoch zu laden. Sollte eine der Dateien größer als 2 MB sein dann schicke die Datei bitte gepackt und mit Passwort versehen an partytime-germany.ice@web.de mit Verweis auf diesen Thread.
C:\WINNT\vsnpstd.exe
C:\WINNT\system32\dskrfuoui.dll
C:\WINNT\vsnpstd.exe
C:\WINNT\qcqxir.exe
C:\WINNT\system32\tyeasush.exe

überall daosearch

Plagegeister aller Art und deren Bekämpfung: überall daosearch