| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: dropper - loch im system????Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
04.06.2005, 19:55
| #16 |
 |  dropper - loch im system???? Hi cronos, hier die daten von der mwav.log datei - teil 1 von 3 (zu viele daten, muss sie leider aufteilen - sorry)... vielen dank für deine hilfe... grüsse y. TUESDAY 31.05.2005 C:\WINDOWS\system32\hfadygd.dll infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. c:\windows\system32\evzqjew.exe infected by "Trojan.Win32.Agent.cp" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\hfadygd.dll infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\qslos.dll infected by "not-a-virus:AdWare.Adstart.i" Virus. Action Taken: No Action Taken. c:\windows\system32\evzqjew.exe infected by "Trojan.Win32.Agent.cp" Virus. Action Taken: No Action Taken. C:\WINDOWS\SYSTEM32\HDIDYEJ.SYS infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\hdimyas.exe infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. System found infected with BookedSpace Spyware/Adware ({a85c4a1b-bd36-44e5-a70f-8ec347d9b24f})! Action taken: No Action Taken. Tue May 31 22:34:18 2005 => File System Found infected by "BookedSpace Spyware/Adware" Virus. Action Taken: No Action Taken. Tue May 31 22:34:19 2005 => System found infected with Bargain Buddy Spyware/Adware ({ce188402-6ee7-4022-8868-ab25173a3e14})! Action taken: No Action Taken. Tue May 31 22:34:19 2005 => File System Found infected by "Bargain Buddy Spyware/Adware" Virus. Action Taken: No Action Taken. Tue May 31 22:34:19 2005 => System found infected with Bargain Buddy Spyware/Adware ({f4e04583-354e-4076-be7d-ed6a80fd66da})! Action taken: No Action Taken. Tue May 31 22:34:19 2005 => File System Found infected by "Bargain Buddy Spyware/Adware" Virus. Action Taken: No Action Taken. Tue May 31 22:34:19 2005 => System found infected with AdRotator Spyware/Adware ({1cfb8b32-4053-4144-af6f-1540eec7f101})! Action taken: No Action Taken. Tue May 31 22:34:19 2005 => File System Found infected by "AdRotator Spyware/Adware" Virus. Action Taken: No Action Taken. Tue May 31 22:34:19 2005 => Offending value found in HKLM\Software\myway !!! Tue May 31 22:34:19 2005 => System found infected with myway Spyware/Adware! Action taken: No Action Taken. Tue May 31 22:34:19 2005 => File System Found infected by "myway Spyware/Adware" Virus. Action Taken: No Action Taken. Tue May 31 22:34:19 2005 => Offending value found in HKLM\Software\bookedspace !!! Tue May 31 22:34:19 2005 => System found infected with bookedspace Spyware/Adware! Action taken: No Action Taken. Tue May 31 22:34:19 2005 => File System Found infected by "bookedspace Spyware/Adware" Virus. Action Taken: No Action Taken. Tue May 31 22:34:41 2005 => System found infected with AdRotator Spyware/Adware (hiwinnager.dat)! Action taken: No Action Taken. Tue May 31 22:34:41 2005 => File System Found infected by "AdRotator Spyware/Adware" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\adstartup.exe infected by "not-a-virus:AdWare.Adstart.h" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\GSM3-0511.exe infected by "Trojan.Win32.Registrator.b" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\hoapefe.vxd infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\hpikeci.exe infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\htijebl.exe infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\install_ID6.exe infected by "not-a-virus:AdWare.Adstart.i" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\modgxyz.exe infected by "not-a-virus:AdWare.Adstart.d" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\qslosc.exe infected by "not-a-virus:AdWare.Adstart.h" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\qslosd.exe infected by "not-a-virus:AdWare.Adstart.b" Virus. Action Taken: No Action Taken. Tue May 31 22:36:32 2005 => Scanning File C:\WINDOWS\system32\qslose.xml Tue May 31 22:36:32 2005 => Scanning File C:\WINDOWS\system32\qslosf.exe Tue May 31 22:36:32 2005 => File C:\WINDOWS\system32\qslosf.exe infected by "not-a-virus:AdWare.Adstart.d" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\SWin32.dll infected by "not-a-virus:AdWare.Adstart.i" Virus. Action Taken: No Action Taken. C:\WINDOWS\system32\unpack.exe infected by "Trojan.Win32.Painwin.a" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\York\LOKALE~1\Temp\bs52.tmpbsx32\bbrs2.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken. Tue May 31 22:37:41 2005 => Scanning File C:\DOKUME~1\York\LOKALE~1\Temp\bs53.tmp [**] Tue May 31 22:37:41 2005 => Scanning Folder: C:\DOKUME~1\York\LOKALE~1\Temp\bs53.tmpbsx32\*.* Tue May 31 22:37:41 2005 => Scanning File C:\DOKUME~1\York\LOKALE~1\Temp\bs53.tmpbsx32\bbrs2.exe Tue May 31 22:37:41 2005 => File C:\DOKUME~1\York\LOKALE~1\Temp\bs53.tmpbsx32\bbrs2.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken. Tue May 31 22:37:41 2005 => Scanning File C:\DOKUME~1\York\LOKALE~1\Temp\bs5319.tmp [**] Tue May 31 22:37:41 2005 => Scanning Folder: C:\DOKUME~1\York\LOKALE~1\Temp\bs5319.tmpbsx32\*.* Tue May 31 22:37:41 2005 => Scanning File C:\DOKUME~1\York\LOKALE~1\Temp\bs5319.tmpbsx32\bbrs2.exe Tue May 31 22:37:41 2005 => File C:\DOKUME~1\York\LOKALE~1\Temp\bs5319.tmpbsx32\bbrs2.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken. Tue May 31 22:37:41 2005 => Scanning File C:\DOKUME~1\York\LOKALE~1\Temp\bs54F.tmp [**] Tue May 31 22:37:41 2005 => Scanning Folder: C:\DOKUME~1\York\LOKALE~1\Temp\bs54F.tmpbsx32\*.* Tue May 31 22:37:41 2005 => Scanning File C:\DOKUME~1\York\LOKALE~1\Temp\bs54F.tmpbsx32\bbrs2.exe Tue May 31 22:37:41 2005 => File C:\DOKUME~1\York\LOKALE~1\Temp\bs54F.tmpbsx32\bbrs2.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\York\LOKALE~1\Temp\i8.tmp infected by "not-a-virus:AdWare.SurfSide.j" Virus. Action Taken: No Action Taken. Tue May 31 22:39:25 2005 => ***** Scanning complete. ***** Tue May 31 22:39:25 2005 => Total Objects Scanned: 5331 Tue May 31 22:39:25 2005 => Total Virus(es) Found: 31 Tue May 31 22:39:25 2005 => Total Disinfected Files: 0 Tue May 31 22:39:25 2005 => Total Files Renamed: 0 Tue May 31 22:39:25 2005 => Total Deleted Objects: 0 Tue May 31 22:39:25 2005 => Total Errors: 8 Tue May 31 22:39:25 2005 => Time Elapsed: 00:05:54 Tue May 31 22:39:25 2005 => Virus Database Date: 2005/04/25 Tue May 31 22:39:25 2005 => Virus Database Count: 127328 Geändert von york (04.06.2005 um 20:02 Uhr) |
| Themen zu dropper - loch im system???? |
| antivir, dropper, freue, helfen, mindestens, minute, problem, system, troja, trojaner, täglich, vielen dank, wenige, wenigen, würde |
Baum-Darstellung