| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: bekomm den Trojaner nicht weg..könnt ihr bitte helfenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
26.07.2005, 10:32
| #1 |
| /// Helfer-Team    |  bekomm den Trojaner nicht weg..könnt ihr bitte helfen Das beste wird sein, Du machst einen escan genau nach Anleitung und postest das mit der find.bat erzeugte Log. http://www.trojaner-board.de/showthread.php?t=17492 |
|
26.07.2005, 12:06
| #2 |
 | bekomm den Trojaner nicht weg..könnt ihr bitte helfen so hat etwas länger gedauert.......hier das Log File von escan
__________________ich war mächtig erschrocken  File C:\PROGRA~1\SURFSI~1\SskBho.dll tagged as "not-a-virus:AdWare.SurfSide.l". Action Taken: No Action Taken. File C:\WINDOWS\System32\cdmweb\fywpskklya.dll tagged as "not-a-virus:AdWare.SmartPops.d". Action Taken: No Action Taken. File C:\PROGRA~1\SURFSI~1\Ssk.exe tagged as "not-a-virus:AdWare.SurfSide.l". Action Taken: No Action Taken. File C:\WINDOWS\system32\3.html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken. Object "altnet Spyware/Adware" found in File System! Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\website.ocx". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\website.ocx". Action Taken: No Action Taken. Entry "HKCR\CLSID\{29FF67FF-8050-480f-9F30-CC41635F2F9D}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{70B51430-B6CA-11D0-B9B9-00A0C922E750}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{8298d101-f992-43b7-8eca-5052d885b995}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A9E69612-B80D-11D0-B9B9-00A0C922E750}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{f612954d-3b0b-4c56-9563-227b7be624b4}" refers to invalid object "ADMWPROX.DLL". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\MediaGatewayX.Installer" refers to invalid object "{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Daniela\Lokale Einstellungen\Temp\180sainstaller.exe tagged as "not-a-virus:AdWare.180Solutions.g". Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Daniela\Lokale Einstellungen\Temp\Del16.tmp tagged as "not-a-virus:AdWare.180Solutions.g". Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Daniela\Lokale Einstellungen\Temp\i5.tmp tagged as "not-a-virus:AdWare.SurfSide.j". Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Daniela\Lokale Einstellungen\Temp\nst11.EXE tagged as "not-a-virus:AdWare.SmartPops.c". Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Daniela\Lokale Einstellungen\Temp\res1C.tmp tagged as "not-a-virus:AdWare.180Solutions.g". Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\csrs.VIR infected by "Backdoor.Win32.PoeBot.b" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\iexplore.VIR infected by "Trojan-Dropper.Win32.Paradrop.a" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\MSASP32.VIR infected by "Backdoor.Win32.Rbot.rv" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\MSASP32.VIR00 infected by "Backdoor.Win32.Rbot.rv" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\MSASP32.VIR01 infected by "Backdoor.Win32.Rbot.rv" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\MSASP32.VIR02 infected by "Backdoor.Win32.Rbot.rv" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\POLLER.EXE.001 infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\POLLER.EXE.VIR infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\SCVHOST.EXE.001 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\SCVHOST.EXE.002 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\SCVHOST.EXE.003 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\SCVHOST.EXE.004 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\SCVHOST.EXE.005 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\SCVHOST.EXE.VIR infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR00 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR01 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR02 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR03 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR04 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR05 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR06 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR07 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR08 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR09 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\scvhost.VIR10 infected by "Backdoor.Win32.Agobot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\servicei.VIR infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\servicei.VIR00 infected by "Backdoor.Win32.Rbot.gen" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\SETUP_37648.EXE.VIR infected by "Backdoor.Win32.SdBot.aad" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\ufmnjgv.VIR infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\upquqhn.VIR infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken. File C:\Programme\AVPersonal\INFECTED\uvvrqdp.VIR infected by "Trojan.Win32.Agent.ay" Virus! Action Taken: No Action Taken. File C:\Programme\SurfSideKick 3\SskBho.dll tagged as "not-a-virus:AdWare.SurfSide.l". Action Taken: No Action Taken. File C:\Programme\SurfSideKick 3\SskCore.dll tagged as "not-a-virus:AdWare.SurfSide.n". Action Taken: No Action Taken. File C:\Programme\ymsgrde5-1.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\Programme\ymsgrde5.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe infected by "Trojan-Dropper.Win32.Paradrop.a" Virus! Action Taken: No Action Taken. File C:\WINDOWS\3s6n8srr.exe tagged as "not-a-virus:AdWare.Sahat.ah". Action Taken: No Action Taken. File C:\WINDOWS\pskill.exe tagged as not-a-virus:Tool.Win32.PsKill.110. No Action Taken. File C:\WINDOWS\ra.reg infected by "Trojan.WinREG.LowZones.f" Virus! Action Taken: No Action Taken. File C:\WINDOWS\shop1004.exe tagged as "not-a-virus:AdWare.Sahat.m". Action Taken: No Action Taken. File C:\WINDOWS\system32\2sf482m2.exe tagged as "not-a-virus:AdWare.Sahat.f". Action Taken: No Action Taken. File C:\WINDOWS\system32\3.html infected by "Trojan-Clicker.JS.Linker.j" Virus! Action Taken: No Action Taken. File C:\WINDOWS\system32\7nvbf01g.exe infected by "Trojan-Dropper.Win32.Paradrop.a" Virus! Action Taken: No Action Taken. File C:\WINDOWS\system32\cdmweb\fywpskklya.exe tagged as "not-a-virus:AdWare.SmartPops.c". Action Taken: No Action Taken. File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\S6ZDA4TN\protect[1].php infected by "Trojan-Downloader.JS.Codebase.c" Virus! Action Taken: No Action Taken. File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\UWTO4CIC\MediaTicketsInstaller[1].cab tagged as "not-a-virus:AdWare.MediaTickets.f". Action Taken: No Action Taken. File C:\WINDOWS\system32\i infected by "Trojan-Downloader.BAT.Ftp.ab" Virus! Action Taken: No Action Taken. File C:\WINDOWS\system32\k9pb33q3.dll tagged as "not-a-virus:AdWare.Sahat.ad". Action Taken: No Action Taken. File C:\WINDOWS\Temp\ICD1.tmp\MediaTicketsInstaller.ocx tagged as "not-a-virus:AdWare.MediaTickets.f". Action Taken: No Action Taken. File C:\WINDOWS\thin-114-1-x-x.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken. File C:\WINDOWS\ucmoreiex.exe tagged as "not-a-virus:AdWare.ToolBar.Ucmore.a". Action Taken: No Action Taken. File C:\WINDOWS\_MSRSTRT.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. lg samina |
|
| Themen zu bekomm den Trojaner nicht weg..könnt ihr bitte helfen |
| adware, antivir, datei, helfen, meldung, neu, neue, neuen, problem, professionell, scan, scanner, schutz, scvhost.exe, sp2, spybot, trojaner, viren, virenscanner, virenschutz, windows, wurm, würmer, würmern |
Hybrid-Darstellung
