Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bitte um Hilfe!!!

Bitte um Hilfe!!!


Log-Analyse und Auswertung: Bitte um Hilfe!!!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 13.04.2005, 11:47   #1
Killer007
 
Bitte um Hilfe!!! - Standard

Bitte um Hilfe!!!


Habe mir letztens richtig einen eingefangen, habe schon einiges entfernen können. Bitte aber um Unterstützung, was noch alles weg muss. Im vorraus schon mal Danke

Logfile of HijackThis v1.99.1
Scan saved at 12:45:05, on 13.04.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
C:\Programme\Softwin\BitDefender8\vsserv.exe
C:\progra~1\softwin\bitdef~1\bdmcon.exe
C:\Programme\Softwin\BitDefender8\bdoesrv.exe
C:\Programme\Softwin\BitDefender8\bdswitch.exe
C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\System32\r?gedit.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
G:\I-download\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchcentral.cc/search.php?v=4&aff=3095
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=3095
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=3095
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {14064F2B-C582-8C72-922C-8FC3BCC494AE} - C:\WINDOWS\System32\song.dll
O2 - BHO: (no name) - {572B7F2B-E8B3-BA40-BF1C-CDEE8E81B99C} - C:\WINDOWS\System32\song.dll
O2 - BHO: IE Update Class - {5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} - C:\WINDOWS\isrvs\sysupd.dll
O2 - BHO: (no name) - {688FCA6E-4942-4D31-B278-F7BF74AD085C} - C:\WINDOWS\System32\ipae.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Programme\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] c:\progra~1\softwin\bitdef~1\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Programme\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\RunOnce: [tlc] C:\WINDOWS\update13.js
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Ocjnonxl] C:\WINDOWS\System32\r?gedit.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Microsoft AntiSpyware helper - {279C8B84-4351-47E9-8F1F-B106D0E24AB1} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {279C8B84-4351-47E9-8F1F-B106D0E24AB1} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Microsoft AntiSpyware helper - {D01250BC-5E91-4C13-A9D8-C76E1BB14978} - C:\WINDOWS\wldr.dll (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D01250BC-5E91-4C13-A9D8-C76E1BB14978} - C:\WINDOWS\wldr.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {279C8B84-4351-47E9-8F1F-B106D0E24AB1} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {279C8B84-4351-47E9-8F1F-B106D0E24AB1} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {D01250BC-5E91-4C13-A9D8-C76E1BB14978} - C:\WINDOWS\wldr.dll (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D01250BC-5E91-4C13-A9D8-C76E1BB14978} - C:\WINDOWS\wldr.dll (file missing) (HKCU)
O15 - Trusted IP range: 67.19.185.246
O15 - Trusted IP range: 67.19.185.246 (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBCC40F0-565F-4BDF-B662-2470DBDBBD4D}: NameServer = 192.168.1.1
O18 - Protocol: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - d:\haufereader\HRInstmon.dll
O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} - C:\WINDOWS\isrvs\mfiltis.dll
O18 - Filter: text/plain - {83394F32-2FA2-4FBE-8E0C-015577A4E84D} - C:\WINDOWS\System32\ipae.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programme\Softwin\BitDefender8\vsserv.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe

Alt 13.04.2005, 20:29   #2
Sagamore
 
Bitte um Hilfe!!! - Standard

Bitte um Hilfe!!!


O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe

Dabei handelt es sich höchstwahrscheinlich um ein Backdoor:

http://www.sophos.de/virusinfo/analyses/w32danshb.html
http://www.f-secure.de/v-desk/sdbot_md.shtml

Sinnvoll wäre dann dies hier:
http://www.trojaner-board.de/showthread.php?t=12154

Und du solltest dein System unbedingt auf den aktuellen Stand (service Pack2)bringen.
__________________

__________________
Alt 13.04.2005, 20:33   #3
Haui45
 
Bitte um Hilfe!!! - Standard

Bitte um Hilfe!!!


Zitat:
Zitat von Sagamore
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe

Dabei handelt es sich höchstwahrscheinlich um ein Backdoor:
Schaut mehr nach Adware aus.


@Killer007
Scanne dein System bitte mit eScan im abgesicherten Modus (Anleitung genau befolgen!) und poste was gefunden wird. Am einfachsten machst du das so:
Direkt nach dem Scan, den Inhalt des Fensters "Virus Log Information" kopieren (Strg+A alles markieren; Strg+C kopieren) und in einer Textdatei speichern (z.B. mit Wordpad o.ä.). Dazu den Inhalt mit Strg+V in das Textverarbeitungsprogramm einfügen und das Dokument dann abspeichern. Nach dem Neustart kannst du die Infos aus der Datei einfach ins Forum kopieren.


Poste außerdem folgendes aus der mwav.log (steht ganz am Ende):
Zitat:
Total Number of Files Scanned:
Total Number of Virus(es) Found:
Total Number of Disinfected Files:
Total Number of Files Renamed:
Total Number of Deleted Files:
Total Number of Errors:
Time Elapsed:
__________________
Alt 14.04.2005, 00:25   #4
Killer007
 
Bitte um Hilfe!!! - Standard

Bitte um Hilfe!!!


Danke für die Tipps, wenn ich Zeit habe werde ich es sofort mal testen und Meldung machen

DANKE

Alt 14.04.2005, 13:33   #5
Killer007
 
Bitte um Hilfe!!! - Standard

Bitte um Hilfe!!!


So hier die Werte vom EScan. sieht richtig böse aus:

Thu Apr 14 14:12:58 2005 => ***** Scanning complete. *****
Thu Apr 14 14:12:58 2005 => Total Objects Scanned: 64159
Thu Apr 14 14:12:58 2005 => Total Virus(es) Found: 136
Thu Apr 14 14:12:58 2005 => Total Disinfected Files: 0
Thu Apr 14 14:12:58 2005 => Total Files Renamed: 0
Thu Apr 14 14:12:58 2005 => Total Deleted Objects: 0
Thu Apr 14 14:12:58 2005 => Total Errors: 19
Thu Apr 14 14:12:58 2005 => Time Elapsed: 01:46:13
Thu Apr 14 14:12:58 2005 => Virus Database Date: 2005/04/13
Thu Apr 14 14:12:58 2005 => Virus Database Count: 125667


File C:\WINDOWS\System32\song.dll infected by "not-a-virus:AdWare.PurityScan.ak" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\sysupd.dll infected by "Trojan-Downloader.Win32.Ieser.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\desktop.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\update13.js infected by "Trojan.JS.StartPage.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\drivers\delprot.sys infected by "Trojan.Win32.Delprot.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\zeta.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File System Found infected by "DyFuCA Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "DyFuCA Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "DyFuCA Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Bargain Buddy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Alexa Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "BlazeFind Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Zango Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "DyFuCA Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ameopt Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "kapabout Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Internet Optimizer Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "avenue media Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "saap Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "exactutil Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "WebSiteViewer Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "text/html Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ezula Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "WindUpdate Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\installer_SIAC.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\shop1004.exe infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ucmoreiex.exe infected by "not-a-virus:AdWare.ToolBar.Ucmore.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\angelex.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\System32\intfsdffdsronsad.exe infected by "Trojan-Clicker.Win32.Delf.bz" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\intronsad.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\izxczxcr.exe infected by "Trojan.Win32.LowZones.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\izxxzdsafsafczxcr.exe infected by "Trojan-Downloader.Win32.Small.aqt" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\oiai.exe infected by "not-a-virus:AdWare.PurityScan.w" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\tksrv99.exe infected by "Trojan-Dropper.Win32.Agent.ik" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\xplugin.dll infected by "Trojan-Downloader.Win32.Esepor.ac" Virus. Action Taken: No Action Taken.
File C:\Program Files\Media Pass\MediaPassC.dll infected by "not-a-virus:AdWare.WinAD.af" Virus. Action Taken: No Action Taken.
File C:\Programme\AOL 8.0\aol90\setup.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\Programme\Norton SystemWorks\Norton CleanSweep\Sicherungskopie\AdMa6101.BUD infected by "not-a-virus:AdWare.WinAD.k" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton SystemWorks\Norton CleanSweep\Sicherungskopie\Medi2437.BUD infected by "not-a-virus:AdWare.WinAD.af" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP193\A0003371.exe infected by "not-a-virus:AdWare.WinAD.k" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP195\A0003419.dll infected by "not-a-virus:AdWare.WinAD.af" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP195\A0003420.exe infected by "not-a-virus:AdWare.WinAD.af" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP195\A0003421.exe infected by "not-a-virus:AdWare.WinAD.af" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005641.exe infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005642.dll infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005643.exe infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005644.exe infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005650.exe infected by "not-a-virus:AdWare.Wintol.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005651.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005652.dll infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005653.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005660.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005667.exe infected by "Trojan-Downloader.Win32.Wintool.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005668.dll infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005676.dll infected by "not-a-virus:AdWare.ToolBar.Ucmore.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005677.dll infected by "not-a-virus:AdWare.Toolbar.Ucmore" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005682.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005683.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005685.dll infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005687.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005691.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005699.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005700.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005707.dll infected by "not-a-virus:AdWare.WebSearch.aa" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005725.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005726.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005732.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005733.exe infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005734.dll infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005743.exe tagged as not-a-virus:RiskWare.Tool.Exporun. No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005744.exe infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005745.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005746.dll infected by "Trojan-Downloader.Win32.Dyfuca.gen" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005747.exe infected by "Trojan-Downloader.Win32.Dyfuca.dk" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005748.EXE infected by "Trojan-Dropper.Win32.SurfSide.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005749.exe infected by "Trojan-Downloader.Win32.Delf.cb" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005750.dll infected by "Trojan.Win32.StartPage.ix" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005751.exe infected by "Trojan-Downloader.Win32.Delf.dg" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005752.exe infected by "Trojan.Win32.Agent.ay" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005753.exe infected by "Trojan-Downloader.Win32.Esepor.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005754.exe infected by "Trojan-Downloader.Win32.Small.aqw" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005755.exe infected by "Trojan-Downloader.Win32.Small.aom" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005756.dll infected by "Trojan-Downloader.Win32.Agent.kf" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005757.exe infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005758.dll infected by "Trojan-Downloader.Win32.Agent.kf" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0005759.exe infected by "Trojan-Downloader.Win32.Delf.cb" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006724.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006725.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006748.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006749.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006761.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006762.exe infected by "Trojan-Downloader.Win32.Dyfuca.dx" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006763.exe infected by "Trojan-Downloader.Win32.Dyfuca.dx" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006764.dll infected by "not-a-virus:AdWare.WinAD.z" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006765.dll infected by "not-a-virus:AdWare.Relevance.c" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006805.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{6AFBD0B2-4385-48D7-873A-480B85750549}\RP210\A0006806.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\clientax.dll infected by "not-a-virus:AdWare.180Solutions.b" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\server.exe.1 infected by "Trojan-Downloader.Win32.Agent.dk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\installer_SIAC.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\edmond.exe infected by "Trojan.Win32.Delprot.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\isearch.xpi infected by "not-a-virus:AdWare.ToolBar.ISearch.e" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\isrvs\mfiltis.dll infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\shop1004.exe infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\angelex.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\exul.exe infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\system32\intfsdffdsronsad.exe infected by "Trojan-Clicker.Win32.Delf.bz" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\intronsad.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\izxczxcr.exe infected by "Trojan.Win32.LowZones.y" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\izxxzdsafsafczxcr.exe infected by "Trojan-Downloader.Win32.Small.aqt" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\javexulm.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\oiai.exe infected by "not-a-virus:AdWare.PurityScan.w" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\tksrv99.exe infected by "Trojan-Dropper.Win32.Agent.ik" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\xplugin.dll infected by "Trojan-Downloader.Win32.Esepor.ac" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ucmoreiex.exe infected by "not-a-virus:AdWare.ToolBar.Ucmore.a" Virus. Action Taken: No Action Taken.
File E:\Hearts of Iron II\Hoi2Lib_Setup.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.


Alt 14.04.2005, 19:26   #6
Cidre
Administrator, a.D.
 
Bitte um Hilfe!!! - Standard

Bitte um Hilfe!!!


@ Killer007

An deiner Stelle würde ich, bei dieser hochgradigen Durchseuchung, auf Nummer sicher gehen und ein Neuaufsetzen deines Systems bevorzugen. Eine Anleitung hierzu findest du in meiner Signatur.
__________________
--> Bitte um Hilfe!!!

Alt 14.04.2005, 22:32   #7
Killer007
 
Bitte um Hilfe!!! - Standard

Bitte um Hilfe!!!


Wird sowieso mal wieder Zeit für ein neues BS. Hat ja schon lange duchgehalten.

Na denn, danke trotzdem für die schnellen Antworten

Antwort

Themen zu Bitte um Hilfe!!!
.dll, adobe, alles weg, antispyware, bho, bitte um hilfe, defender, desktop, entfernen, excel, explorer, file missing, hijack, hijackthis, hilfe!!, hilfe!!!, internet, internet explorer, microsoft, nvcpl.dll, nvidia, programme, rundll, server, settings manager, software, symantec, system, virus, windows, windows xp


« 016 - DPF: ...wurde als evtl. BÖSE eingestuft? | Hijackthis Logfile bitte Hilfe »


Ähnliche Themen: Bitte um Hilfe!!!


  1. Virus Dirty Decrypt Verschlüsselung Trojaner, alle Foto kann ich nicht aufmachen, bitte bitte Hilfe!!!
    Log-Analyse und Auswertung - 24.07.2013 (6)
  2. Hilfe Mein forum wurde übernomen keine möglichkeiten rein zu kommen bitte um ideen und hilfe
    Diskussionsforum - 29.06.2012 (6)
  3. (3x) Bitte Bitte um Hilfe habe mir AKM Trojaner eingefangen brauche aber dringend meinen PC
    Mülltonne - 08.05.2012 (1)
  4. Hilfe bei Ukash Trojaner! Bitte dringend um Hilfe!
    Log-Analyse und Auswertung - 22.01.2012 (1)
  5. Hilfe Virus! Antivir, internet usw außer gefächt!!! Bitte um Hilfe
    Mülltonne - 15.07.2008 (0)
  6. Viren??Würmer..HILFE! Bitte um Hilfe bei der Auswertung meines hijackthis-log
    Mülltonne - 14.11.2007 (0)
  7. Oh man brauch so dringend Hilfe!!!! Virus?Spyware? Hilfe für einen Laien!Bitte!
    Log-Analyse und Auswertung - 13.06.2007 (6)
  8. SCVHOST.EXE Log file bitte checken! Bitte um hilfe
    Log-Analyse und Auswertung - 06.06.2007 (8)
  9. Ich bin verzweifelt bitte um Dringende Hilfe Bitte bitte
    Plagegeister aller Art und deren Bekämpfung - 08.01.2007 (11)
  10. Bitte, bitte Hilfe wegen Winfixer/ Errorsafe
    Plagegeister aller Art und deren Bekämpfung - 19.12.2006 (3)
  11. Hilfe! EXP/Agent.B Brauche dringent Hilfe, bitte!
    Plagegeister aller Art und deren Bekämpfung - 02.12.2006 (8)
  12. Hilfe 1 Adware Eingefangen Schnelle Hilfe Bitte!!
    Mülltonne - 08.10.2006 (1)
  13. Bitte BITTE bitte HILFE log-file
    Log-Analyse und Auswertung - 18.01.2006 (1)
  14. HILFE, ich habe einige Trojaner - bitte um Eure Hilfe
    Log-Analyse und Auswertung - 01.12.2005 (2)
  15. Schnauze voll von Aurora.brauche dringend hilfe bitte bitte
    Log-Analyse und Auswertung - 08.08.2005 (2)
  16. Bitte Bitte Bitte Hilfe!!! Trojaner
    Log-Analyse und Auswertung - 10.11.2004 (1)
  17. Hilfe,Hilfe,habe Probleme mit Norton Antivirus bitte helfen!!
    Plagegeister aller Art und deren Bekämpfung - 02.03.2004 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bitte um Hilfe!!! - Habe mir letztens richtig einen eingefangen, habe schon einiges entfernen können. Bitte aber um Unterstützung, was noch alles weg muss. Im vorraus schon mal Danke Logfile of HijackThis v1.99.1 Scan - Bitte um Hilfe!!!...
Archiv
Du betrachtest: Bitte um Hilfe!!! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129