| |
| |||||||
Log-Analyse und Auswertung: Kein Internetzugang, Firewall geblocktWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.03.2007, 09:05
| #1 |
| |  Kein Internetzugang, Firewall geblockt Hi zusammen, meine Tochter hat mir gestern Ihren PC übberreicht mit der Mitteilung,das Sie nicht mehr ins Netz kommt.http://www.trojaner-board.de/images/smilies/aplaus.gif :aplaus: Ein Scann brachte unter anderem den Virus "Win32:Warezov-AAV" an etlichen Stellen zu Tage. Ausserdem ist die Firewall geblockt. Hie die Hijack-Log: Logfile of HijackThis v1.99.1 Scan saved at 07:43:02, on 14.03.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Programme\Java\jre1.5.0_06\bin\jusched.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\Programme\avmwlanstick\wlangui.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\bin32.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Alwil Software\Avast4\aswUpdSv.exe C:\Programme\Alwil Software\Avast4\ashServ.exe C:\Programme\avmwlanstick\WlanNetService.exe C:\WINDOWS\system32\isrprov.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\mqsvc.exe C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\mqtgsvc.exe C:\Programme\Alwil Software\Avast4\ashMaiSv.exe C:\Programme\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\wuauclt.exe C:\DOKUME~1\Lisa\LOKALE~1\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=64&bd=pavilion&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=64&bd=pavilion&pf=laptop R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=64&bd=pavilion&pf=laptop R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [hpWirelessAssistant] REM C:\Programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvCplDaemon] REM RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] REM RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] REM CHDAudPropShortcut.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] REM "C:\Programme\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [HP Software Update] REM "C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [QlbCtrl] REM %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Cpqset] REM C:\Programme\Hewlett-Packard\Default Settings\cpqset.exe O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [wmvdiag] REM C:\WINDOWS\system32\wmvconf.exe O4 - HKLM\..\Run: [bin32.exe] C:\WINDOWS\bin32.exe s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=64&bd=pavilion&pf=laptop O20 - AppInit_DLLs: ccfgwshb.dll e1.dll O20 - Winlogon Notify: libdprin - C:\WINDOWS\system32\libdprin.dll (file missing) O20 - Winlogon Notify: mprwanp - C:\WINDOWS\system32\mprwanp.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O20 - Winlogon Notify: wmvmgr - wmvmgr32.dll (file missing) O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Programme\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programme\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Programme\avmwlanstick\WlanNetService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe Vielleicht hilft auch die Log von Avast noch: 18.01.2007 18:14:50 1169140490 SYSTEM 988 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 18.01.2007 18:14:50 1169140490 SYSTEM 988 An error has occured while attempting to update. Please check the logs. 19.01.2007 17:17:59 1169223479 Lisa 336 Function setifaceUpdatePackages() has failed. Return code is 0x40010004, dwRes is 40010004. 20.01.2007 12:25:47 1169292347 SYSTEM 992 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 20.01.2007 12:25:48 1169292348 SYSTEM 992 An error has occured while attempting to update. Please check the logs. 21.01.2007 17:49:07 1169398147 SYSTEM 1008 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 21.01.2007 17:49:08 1169398148 SYSTEM 1008 An error has occured while attempting to update. Please check the logs. 22.01.2007 19:59:10 1169492350 SYSTEM 948 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 22.01.2007 19:59:11 1169492351 SYSTEM 948 An error has occured while attempting to update. Please check the logs. 23.01.2007 19:43:21 1169577801 SYSTEM 972 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 23.01.2007 19:43:22 1169577802 SYSTEM 972 An error has occured while attempting to update. Please check the logs. 24.01.2007 19:02:58 1169661778 SYSTEM 1012 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 24.01.2007 19:02:59 1169661779 SYSTEM 1012 An error has occured while attempting to update. Please check the logs. 25.01.2007 17:31:43 1169742703 SYSTEM 1064 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004. 25.01.2007 17:31:43 1169742703 SYSTEM 1064 An error has occured while attempting to update. Please check the logs. 26.01.2007 17:29:41 1169828981 SYSTEM 1008 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 26.01.2007 18:30:39 1169832639 SYSTEM 1008 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 27.01.2007 12:35:48 1169897748 Lisa 1516 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 27.01.2007 14:33:36 1169904816 Lisa 1516 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 27.01.2007 17:39:08 1169915948 Lisa 1516 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 27.01.2007 18:40:14 1169919614 Lisa 1516 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 27.01.2007 19:56:45 1169924205 Lisa 1516 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 28.01.2007 13:28:58 1169987338 Lisa 1104 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\smm32.exe\[MEW]" file. 07.02.2007 16:47:00 1170863220 SYSTEM 1064 Sign of "Win32:Warezov-MV [Wrm]" has been found in "C:\WINDOWS\system32\2.tmp.exe\[Upack]" file. 12.02.2007 18:13:00 1171300380 SYSTEM 1540 Sign of "Win32:Warezov-AJU [Wrm]" has been found in "C:\WINDOWS\accm.exe\[UPX]" file. 12.02.2007 20:17:35 1171307855 SYSTEM 1540 Sign of "Win32:Warezov-AJU [Wrm]" has been found in "C:\WINDOWS\accm.exe\[UPX]" file. 12.02.2007 21:26:19 1171311979 SYSTEM 1540 Sign of "Win32:Warezov-AJU [Wrm]" has been found in "C:\WINDOWS\accm.exe\[UPX]" file. 14.02.2007 16:00:19 1171465219 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: helen <helen.jeremy@guierfence.com>, An: daniel.fueger@baden-maniacs.de\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:00:20 1171465220 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: sandra lewis <sandra1975@vieng.com>, An: ewsletter@blume2000.de\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:00:20 1171465220 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'Mail server report.' Von: serv@elamex.com, An: ewsletter@blume2000.de\Update-KB5890-x86.exe#3116711390\[UPX]" file. 14.02.2007 16:10:48 1171465848 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'Mail server report.' Von: serv@fcradio.net, An: daniel.fueger@baden-maniacs.de\Update-KB8125-x86.exe#3116711390\[UPX]" file. 14.02.2007 16:10:50 1171465850 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: maria wright <maria.wright@niet.com>, An: maria@privat.de\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:11:00 1171465860 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: karen <martin_2004@selectplans.com>, An: site-policy@w3.org\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:11:01 1171465861 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: helen baker <helen.baker@selectplans.com>, An: sandra1975@vieng.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:11:02 1171465862 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'Mail server report.' Von: sec@phazen.net, An: maria@privat.de\Update-KB1437-x86.exe#3116711390\[UPX]" file. 14.02.2007 16:11:02 1171465862 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: joe <joe.hernandez@telcan.com>, An: cds1@bestweb.net\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:11:11 1171465871 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: brent <brent.hernandez@logoluso.com>, An: cds_400706@yahoo.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:12:24 1171465944 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: anna <anna.jackson@motorsportwarehouse.com>, An: mail@bagiramotors.ru\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:12:26 1171465946 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: Donna <Donna.harris@gametemple.com>, An: sales@glt.ru\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:12:31 1171465951 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: linda <linda.hernandez@niet.com>, An: cds218@geocities.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:12:31 1171465951 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: david wright <david.wright@vieng.com>, An: dean@ledmotion.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:22 1171466002 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: Donna walker <Donna.walker@firstclassmoving.com>, An: derrick@lightvision.com.tw\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: craig hernandez <craig.hernandez@iinet.net.au>, An: enquiries@sunseap.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: john <john1950@midmich.net>, An: detlef.eobaldt@lagoled.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: adam <adam.hall@vieng.com>, An: erose@ccrane.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: maria robyn <maria.robyn@firstclassmoving.com>, An: hans.hameeteman@adelco.nl\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: george <george.walker@motorsportwarehouse.com>, An: frankchen@mmm.com\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: helen <helen.clark@fcradio.net>, An: i0306@m06.r03.nalog.ru\postcard.zip#1599645333\postcard.exe\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'Mail server report.' Von: sec@midmich.net, An: u03@r03.nalog.ru\Update-KB3281-x86.exe#3116711390\[UPX]" file. 14.02.2007 16:13:45 1171466025 SYSTEM 1984 Sign of "Win32:Warezov-ASQ [Wrm]" has been found in "Ausgehende Mail 'postcard' Von: john green <john_ossjz@phazen.net>, An: i0308@r03.nalog.ru\postcard.zip#1599645333\postcard.exe\[UPX]" file. 20.02.2007 11:47:49 1171968469 Lisa 1564 Sign of "Win32:Warezov-AAU [Wrm]" has been found in "C:\WINDOWS\system32\diagisr.dll" file. 20.02.2007 11:48:02 1171968482 Lisa 1564 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\system32\isrprf32.dll" file. 20.02.2007 11:48:05 1171968485 Lisa 1564 Sign of "Win32:Warezov-AAS [Wrm]" has been found in "C:\WINDOWS\system32\isrprov.exe" file. 09.03.2007 18:15:15 1173460515 SYSTEM 1548 Sign of "Win32:Warezov-BCY [Wrm]" has been found in "C:\WINDOWS\SYSTEM32\CONFWMV.DLL" file. 09.03.2007 18:15:29 1173460529 SYSTEM 1548 Sign of "Win32:Warezov-BCY [Wrm]" has been found in "C:\WINDOWS\SYSTEM32\WMVSTAT.DLL" file. 09.03.2007 18:17:24 1173460644 Lisa 2312 Sign of "Win32:Warezov-BCX [Wrm]" has been found in "c:\windows\system32\wmvmgr32.dll" file. 09.03.2007 19:55:31 1173466531 Lisa 1472 Sign of "Win32:Trojan-gen. {Other}" has been found in "C:\Programme\Morpheus\mymorpheusToolbar.exe" file. 09.03.2007 20:17:20 1173467840 Lisa 1472 Sign of "Win32:Warezov-BCY [Wrm]" has been found in "C:\System Volume Information\_restore{D1E51CDE-FC59-4EA3-8439-6656359D223D}\RP36\A0017435.exe" file. 09.03.2007 20:17:20 1173467840 Lisa 1472 Sign of "Win32:Warezov-BCY [Wrm]" has been found in "C:\System Volume Information\_restore{D1E51CDE-FC59-4EA3-8439-6656359D223D}\RP36\A0017436.dll" file. 12.03.2007 16:36:39 1173713799 Lisa 724 Sign of "Win32:Warezov-AAV [Wrm]" has been found in "C:\WINDOWS\system32\isrprf32.dll" file. 12.03.2007 16:36:47 1173713807 Lisa 724 Sign of "Win32:Warezov-AAS [Wrm]" has been found in "C:\WINDOWS\system32\isrprov.exe" file. 12.03.2007 17:09:12 1173715752 Lisa 612 Sign of "Win32:Warezov-LH [Wrm]" has been found in "C:\Programme\ICQLite\ICQLite.exe" file. 12.03.2007 21:07:50 1173730070 Lisa 612 Sign of "Win32:Warezov-AAS [Wrm]" has been found in "C:\WINDOWS\system32\isrprov.exe" file. 12.03.2007 21:23:17 1173730997 SYSTEM 796 Sign of "Win32:Warezov-AAS [Wrm]" has been found in "C:\WINDOWS\system32\isrprov.exe" file. 13.03.2007 19:47:37 1173811657 SYSTEM 792 Sign of "Win32:Warezov-AAS [Wrm]" has been found in "C:\WINDOWS\system32\isrprov.exe" file. 13.03.2007 19:57:47 1173812267 Lisa 4032 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7. 13.03.2007 20:11:51 1173813111 Lisa 3184 Sign of "Win32:Warezov-AAS [Wrm]" has been found in "c:\windows\system32\isrprov.exe" file. Ich, und vor allam meine Tochter würden sich wirklich sehr freuen, wenn sich jemand diesem Problem annehmen würde. http://www.trojaner-board.de/images/smilies/bussi.gif  Jetzt schon mal vielen Dank |
| Themen zu Kein Internetzugang, Firewall geblockt |
| adobe, antivirus, appinit_dlls, avast, avast!, bho, error, explorer, firewall, hijackthis, internet, internet explorer, kein internetzugang, launch, microsoft, nvidia, problem, programme, regsvr32, rundll, scan, server, shortcut, software, stick, system, temp, urlsearchhook, vielen dank, virus, windows, windows xp, yahoo.com |
Baum-Darstellung