Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: w32.fakerecy brauche hilfe

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 05.05.2007, 14:41   #1
Iwazaru
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



Mein virenscanner findet folgende infizierte Datei:
ctfmon.exe der virus heisst w32.fakerecy
Angeblich wurde die Datei isoliert, doch trotzdem findet er auf meiner externen festplatte den virus wenn ich sie anschliesse und seit neusten kann ich auch net mehr darauf zugreifen auf anderen pcs schon. kann mir wer sagen wie ich den virus endgültig lösche?

Logfile of HijackThis v1.99.1
Scan saved at 14:25:05, on 05.05.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
c:\Programme\Norton AntiVirus\navapsvc.exe
c:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Programme\Norton AntiVirus\SAVScan.exe
C:\Programme\ICQ6\ICQ.exe
c:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Programme\Windows Media Player\wmplayer.exe
C:\Dokumente und Einstellungen\BIATCH\Eigene Dateien\Kram\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "c:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://de8.hpwis.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098695436718
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177950951328
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - c:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe

Alt 07.05.2007, 19:37   #2
ballermann
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe fixen ..

4 beiträge in 2 min muhaha xD
__________________


Alt 07.05.2007, 19:55   #3
Apocalypt
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



Zitat:
Zitat von ballermann Beitrag anzeigen
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe fixen ..

4 beiträge in 2 min muhaha xD
Mit Fixen ist es nicht getan!!!

Auch wenn ich glaube das das eher kein Schädling ist lad die Datei mal probeweise bei Virustotal
hoch und poste das vollständige Ergebnis.
__________________

Alt 08.05.2007, 17:52   #4
Iwazaru
 
w32.fakerecy brauche hilfe - Icon17

w32.fakerecy brauche hilfe



hmm wie kommt ihr jetz auf schowwnd.exe? naja hab sie mal bei virustotal getestet:

AhnLab-V3 2007.5.9.0 05.08.2007 no virus found
AntiVir 7.4.0.15 05.08.2007 no virus found
Authentium 4.93.8 05.07.2007 no virus found
Avast 4.7.997.0 05.07.2007 no virus found
AVG 7.5.0.467 05.08.2007 no virus found
BitDefender 7.2 05.08.2007 no virus found
CAT-QuickHeal 9.00 05.08.2007 no virus found
ClamAV devel-20070416 05.08.2007 no virus found
DrWeb 4.33 05.08.2007 no virus found
eSafe 7.0.15.0 05.07.2007 no virus found
eTrust-Vet 30.7.3618 05.08.2007 no virus found
Ewido 4.0 05.08.2007 no virus found
FileAdvisor 1 05.08.2007 No threat detected
Fortinet 2.85.0.0 05.08.2007 no virus found
F-Prot 4.3.2.48 05.07.2007 no virus found
F-Secure 6.70.13030.0 05.08.2007 no virus found
Ikarus T3.1.1.7 05.08.2007 no virus found
Kaspersky 4.0.2.24 05.08.2007 no virus found
McAfee 5025 05.07.2007 no virus found
Microsoft 1.2503 05.07.2007 no virus found
NOD32v2 2249 05.08.2007 no virus found
Norman 5.80.02 05.08.2007 no virus found
Panda 9.0.0.4 05.07.2007 no virus found
Prevx1 V2 05.08.2007 no virus found
Sophos 4.17.0 05.07.2007 no virus found
Sunbelt 2.2.907.0 05.05.2007 no virus found
Symantec 10 05.08.2007 no virus found
TheHacker 6.1.6.109 05.08.2007 no virus found
VBA32 3.12.0 05.08.2007 no virus found
VirusBuster 4.3.7:9 05.08.2007 no virus found
Webwasher-Gateway 6.0.1 05.08.2007 no virus

ausserdem hab ich nochmal mit eScan gescannt:

Object "smitfraud Browser Hijacker" found in File System! Action Taken: Entries Removed.
Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.
Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.
Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.
Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.
Object "Possible Fujacks-type Worm" found in File System! Action Taken: Entries Removed.
Entry "HKCR\ATLPlugin.ATL3DPage_d2.1" refers to invalid object "{cc10ddda-2452-4598-a6c4-f9f2f0b6a758
}". Action Taken: Entries Removed.
Entry "HKCR\Automap.Map.EU" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: Entries Removed.
Entry "HKCR\Automap.Map.EU.11" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: Entries Removed.
Entry "HKCR\Automap.Template.EU.11" refers to invalid object "{A49EEA01-9231-4C77-AA9E-2F89D72B4804}". Action Taken: Entries Removed.
Entry "HKCR\CDDBControlApple.CddbFullName.1" refers to invalid object "{63338267-37c4-44cf-8e46-756fbe9c8fdc}". Action Taken: Entries Removed.
Entry "HKCR\CDDBControlApple.FullName" refers to invalid object "{63338267-37c4-44cf-8e46-756fbe9c8fdc}". Action Taken: Entries Removed.
Entry "HKCR\DirectAnimation.PathControl" refers to invalid object "{D7A7D7C3-D47F-11D0-89D3-00A0C90833E6}". Action Taken: Entries Removed.
Entry "HKCR\DirectAnimation.Sequence" refers to invalid object "{4F241DB1-EE9F-11D0-9824-006097C99E51}". Action Taken: Entries Removed.
Entry "HKCR\DirectAnimation.SequencerControl" refers to invalid object "{B0A6BAE2-AAF0-11D0-A152-00A0C908DB96}". Action Taken: Entries Removed.
Entry "HKCR\DirectAnimation.SpriteControl" refers to invalid object "{FD179533-D86E-11D0-89D6-00A0C90833E6}". Action Taken: Entries Removed.
Entry "HKCR\DirectAnimation.StructuredGraphicsControl" refers to invalid object "{369303C2-D7AC-11D0-89D5-00A0C90833E6}". Action Taken: Entries Removed.
Entry "HKCR\MISB.DhtmlPluginWrapper" refers to invalid object "{8D18DFF4-0943-4347-8BCA-0C57033F6820}". Action Taken: Entries Removed.
Entry "HKCR\MXtra.DhtmlWrapper" refers to invalid object "{8D18DFF4-0943-4347-8BCA-0C57033F6820}". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Microsoft.NET\Framework\SBSCMP10.DLL". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\hdr_register_1.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\hdr_register_3.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\hdr_register_4.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\hdr_register_5.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\hdr_register_6.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\hdr_register_7.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\logo.jpg". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\px_cl.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\redbullet.gif". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-CHS.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-CHT.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-CSY.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-DAN.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-DEU.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-ENG.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-ENU.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-ESP.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-FIN.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-FRA.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-ITA.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-JPN.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-KOR.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-NLD.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-NON.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-POL.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-PTG.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-RUS.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Pinnacle\Shared Files\Pixie\RegisterTrial\register-SVE.html". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Picture1.jpg". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Picture2.jpg". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\DIMM.DLL". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PrintMe Internet Printing\". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\InstantCD+DVD\Tools\". Action Taken: Entries Removed.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".002". Action Taken: Entries Removed.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".008". Action Taken: Entries Removed.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".1". Action Taken: Entries Removed.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".part". Action Taken: Entries Removed.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".torrent". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{09DA4F91-2A09-4232-AB8C-6BC740096DE3}". Action Taken: Entries Removed.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{7B802DE5-84E5-4503-965B-2ABFFC78506A}". Action Taken: Entries Removed.
File E:\AUTORUN.INF infected by "Fujack" Virus! Action Taken: Deleted.

was soll mir das jetz sagen alles trojaner viren was da aufgelistet wird?
Das dumme ist das ich sonen kack recovery system habe sonst würd ich die platte einfach komplett löschen....

Alt 08.05.2007, 18:58   #5
Apocalypt
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



Gut. Mach jetzt noch einen eScan. Dein System sieht soweit gut aus. Das Problem liegt wohl eher bei der externen Festplatte. Schließ die doch mal bei einem andern PC an und mach einen eScan.


Alt 08.05.2007, 20:52   #6
Iwazaru
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



Alles klar escan findet nichts auf der externen allerdings zeigt er diese dateien an die es aber auf der festplatte garnicht existieren z.B. bild dateien:

Scanning Folder: L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\*.*
Tue May 08 20:12:27 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\desktop.ini [**]
Tue May 08 20:12:27 2007 => Scanning Folder: L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl1\*.*
Tue May 08 20:12:27 2007 => Scanning Folder: L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl1\jkg\*.*
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl10 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl11 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl12 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl13 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl14.jpg [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl15.jpg [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl16.jpg [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl17 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl18 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl19 [**]
Tue May 08 20:12:28 2007 => Scanning Folder: L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl2\*.*
Tue May 08 20:12:28 2007 => Scanning Folder: L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl2\sg-tes4o\*.*
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl20 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl21 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl22 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl23 [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl24 [**]
\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02142.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02144.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02146.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02155.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02158.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02160.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02161.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02165.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02169.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02170.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02171.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02172.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02184.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02189.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02190.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02191.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02192.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02193.JPG [**]
Tue May 08 20:12:28 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02200.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02206.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02208.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02209.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02210.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02212.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02213.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02214.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02215.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02216.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02219.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02220.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02221.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02225.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02226.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02227.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02228.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02234.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02237.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02238.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02239.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02241.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02242.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02245.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02247.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02248.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02249.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02251.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02252.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02254.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02256.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02257.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02259.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02264.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02267.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02268.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02270.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02271.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02272.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02275.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02276.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02280.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02281.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02282.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02283.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02284.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02287.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02288.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02292.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02293.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02294.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02297.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02299.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02300.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02302.JPG [**]
Tue May 08 20:12:29 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02304.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02306.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02308.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02309.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02312.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02313.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02315.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02316.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02322.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02323.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02324.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02325.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02328.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02329.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02330.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02331.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02332.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02333.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02334.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02335.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02337.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02338.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02339.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02340.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02341.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02343.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02344.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02345.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02346.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02347.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02348.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02349.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02350.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02351.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02352.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02353.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02354.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02355.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02356.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02359.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02360.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02361.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02362.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02363.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02364.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02365.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02367.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02370.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02372.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02375.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02376.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02378.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02379.JPG [**]
Tue May 08 20:12:30 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02381.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02383.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02387.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02395.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02396.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02397.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02400.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02402.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02403.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02405.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02407.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02409.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02410.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02413.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02414.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02415.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02416.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02417.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02418.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02419.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02420.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02421.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02422.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02424.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02425.JPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\DSC02426.JPG [**]
Tue May 08 20:12:31 2007 => *** File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\MOV02277.MPG having Size Restriction ***. Filesize 10361 kb > 3072 kb...
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\MOV02277.MPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\MOV02277.THM [**]
Tue May 08 20:12:31 2007 => *** File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\MOV02279.MPG having Size Restriction ***. Filesize 5880 kb > 3072 kb...
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\MOV02279.MPG [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\MOV02279.THM [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl6\Thumbs.db [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl7.gif [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl8.jpg [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\Dl9 [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-1129303390-319747316-2448360696-1006\INFO2 [**]
Tue May 08 20:12:31 2007 => Scanning Folder: L:\RECYCLER\S-1-5-21-2632943373-1490847013-3441739597-1006\*.*
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-2632943373-1490847013-3441739597-1006\desktop.ini [**]
Tue May 08 20:12:31 2007 => Scanning File L:\RECYCLER\S-1-5-21-2632943373-1490847013-3441739597-1006\INFO2 [**]

komischer weise kann ich jetz wieder problem los auf die festplatte zugreifen cool naja und die escan ergebnisse von den internen disks haben nichts zu bedeuten?

Alt 08.05.2007, 20:57   #7
Apocalypt
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



Leere mal auf der externen den Ordner:
Zitat:
L:\Recycler
Ansonsten sehe ich keine Auffäligkeiten.

Alt 08.05.2007, 21:07   #8
Iwazaru
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



wenn ich den pfad eingebe finde ich zwar den ordner er ist allerdings leer bzw unter eigenschaften wird er als versteckt angezeigt. komisch ist allerdings das bei den benutzern die zugriff auf diesen ordner haben S-1-5-21-1129303390-319747316-2448360696-1006 diese nummer als benutzer mit fragezeichen angezeigt wird was hat das zu bedeuten?

Geändert von Iwazaru (08.05.2007 um 21:14 Uhr)

Alt 08.05.2007, 21:11   #9
Apocalypt
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



www.winhilfe.info/Windows_XP/XP_Problemloesungen/Versteckte_Ordner_sichtbar_machen_20050530101/

Alt 08.05.2007, 21:33   #10
Iwazaru
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



alles klar hab diesen recycler papier korb jetz gelöscht.. funzt soweit alles.. danke für die hilfe

Alt 14.09.2008, 17:49   #11
Cyb3r
 
w32.fakerecy brauche hilfe - Standard

w32.fakerecy brauche hilfe



hallo

ich habe so ähnliches oder auch das gleiche problem.



[edit]

Bitte eröffne, wie jeder andere hier auch, für dein Problem eine eigenes Thema.
Nur so wird sichergestellt as jedem User übersichtlich und individuell geholfen werden kann.


Danke.

[/edit]

Antwort

Themen zu w32.fakerecy brauche hilfe
adobe, antivirus, bho, brauche hilfe, computer, cyberlink, dll, drivers, einstellungen, explorer, festplatte, hijack, hijackthis, infizierte, infizierte datei, internet, internet explorer, monitor, nvidia, rundll, scan, security, security center, software, symantec, system, virus, windows, windows xp



Ähnliche Themen: w32.fakerecy brauche hilfe


  1. Hilfe! GVU/BKA Trojaner eingefangen, ich brauche Hilfe dabei den Mist von meinem Lappi runter zu bekommen!
    Log-Analyse und Auswertung - 27.11.2012 (1)
  2. Probleme mit W32.Fakerecy
    Log-Analyse und Auswertung - 25.11.2009 (6)
  3. TR/spy.gen brauche hilfe
    Log-Analyse und Auswertung - 01.09.2009 (3)
  4. Hilfe brauche schnelle hilfe
    Mülltonne - 19.10.2008 (0)
  5. Brauche Hilfe
    Mülltonne - 08.10.2008 (0)
  6. W32 Brauche Hilfe
    Plagegeister aller Art und deren Bekämpfung - 21.07.2008 (9)
  7. TR/VB.aqt.24 und W32.Fakerecy - wie entfernen ????
    Plagegeister aller Art und deren Bekämpfung - 08.06.2008 (8)
  8. hilfe!! trojaner.w32.looksky brauche hilfe
    Mülltonne - 03.10.2007 (0)
  9. hilfe!! trojaner.w32.looksky brauche hilfe
    Plagegeister aller Art und deren Bekämpfung - 25.07.2007 (7)
  10. ich brauche HILFE.......
    Log-Analyse und Auswertung - 08.07.2007 (3)
  11. brauche hilfe^^
    Log-Analyse und Auswertung - 17.02.2007 (7)
  12. Hilfe! EXP/Agent.B Brauche dringent Hilfe, bitte!
    Plagegeister aller Art und deren Bekämpfung - 02.12.2006 (8)
  13. Brauche Hilfe =)
    Log-Analyse und Auswertung - 20.11.2005 (1)
  14. BIn neu und brauche Hilfe
    Log-Analyse und Auswertung - 04.07.2005 (0)
  15. Brauche hilfe....
    Log-Analyse und Auswertung - 11.03.2005 (2)
  16. Hilfe Rechner voll Spyware!! Brauche dringend HILFE!!!
    Log-Analyse und Auswertung - 03.03.2005 (1)
  17. Hilfe backdoor.agobot.vt brauche Hilfe
    Plagegeister aller Art und deren Bekämpfung - 02.11.2004 (1)

Zum Thema w32.fakerecy brauche hilfe - Mein virenscanner findet folgende infizierte Datei: ctfmon.exe der virus heisst w32.fakerecy Angeblich wurde die Datei isoliert, doch trotzdem findet er auf meiner externen festplatte den virus wenn ich sie anschliesse - w32.fakerecy brauche hilfe...
Archiv
Du betrachtest: w32.fakerecy brauche hilfe auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.