Trojaner-Board


hannie 16.02.2005 18:43

While running ...
 
Good day,

after switching on the PC, the following warning appears regularly:

Beim Ausführen von
""C:\windows\system32\lvcwmi.dll", UMONITOR"
ist eine Ausnahme aufgetreten.

Although I have switched to Firefox as my default browser, unwanted IE windows with dubious pages appear sporadically, e.g. this one:
http://mediabuy-nic.cjt1.net/HTM/406...1108575742109?.

HijackThis shows the following log:

Logfile of HijackThis v1.99.1
Scan saved at 18:33:48, on 16.02.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\emnizlpq6.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\htpatch.exe
C:\WINDOWS\System32\desk98.exe
C:\WINDOWS\System32\viewport.exe
C:\Programme\TerraTec\Cinergy 400 TV\TTTVRC.exe
C:\Programme\1&1 Internet\VirtuDrive\VirtuDrv.Exe
C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\TerraTec\Scheduler\TTTimer.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\PROGRA~1\Trust\WIRELE~1\Mouse\Amoumain.exe
C:\PROGRA~1\Trust\WIRELE~1\Keyboard\Ikeymain.exe
C:\WINDOWS\Mixer.exe
C:\Programme\Spyware Doctor\swdoctor.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BIFP.EXE
C:\Programme\FinePixViewer\QuickDCF.exe
C:\Programme\Leadtek\Common\Bin\WinCinemaMgr.exe
C:\Programme\Leadtek\WinDVR\WinScheduler.exe
C:\Programme\FRITZ!\IWatch.exe
C:\Programme\Nikon\NkView6\NkvMon.exe
C:\Programme\jalcds\jaLCDs.exe
C:\WINDOWS\system32\rundll32.exe
C:\unzipped\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ftd.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\about.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {2AFCD1AE-7B44-9B87-20ED-EB6F85DF4AF9} - C:\WINDOWS\System32\dpnbehli.dll
O2 - BHO: (no name) - {64C747E4-A3A7-8566-DEC8-F72D60347F51} - C:\WINDOWS\System32\hhqeogvy.dll
O2 - BHO: (no name) - {D7EC0692-8E7E-DECC-A9EA-80D191318A93} - C:\WINDOWS\System32\bqqxnvwe.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [HydraVisionDesktopManager] desk98.exe
O4 - HKLM\..\Run: [HydraVisionViewport] viewport.exe
O4 - HKLM\..\Run: [TerraTec Remote Control] C:\Programme\TerraTec\Cinergy 400 TV\TTTVRC.exe
O4 - HKLM\..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [VirtuDrive] C:\Programme\1&1 Internet\VirtuDrive\VirtuDrv.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TerraTec Scheduler] C:\Programme\Gemeinsame Dateien\TerraTec\Scheduler\TTTimer.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\Trust\WIRELE~1\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\Trust\WIRELE~1\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: jaLCDs.exe.lnk = C:\Programme\jalcds\jaLCDs.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BIFP.EXE
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\Leadtek\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Programme\Leadtek\WinDVR\WinScheduler.exe
O4 - Global Startup: ISDNWatch.lnk = C:\Programme\FRITZ!\IWatch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Programme\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: RealDownload.lnk = C:\Programme\Real\RealDownload\Realdownload.exe
O8 - Extra context menu item: &Google Search - res://c:\programme\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: MP3 - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\euro-libremp3-de\local.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab
O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} - http://212.145.159.194/251065/dialer...ecomendada.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...l_v1-0-3-0.cab
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\ktl0l73m1.dll
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\PROGRAMME\FRITZ!\de_serv.exe (file missing)
O23 - Service: fsyofgmoksfs (fhbvsipv6) - Unknown owner - C:\WINDOWS\System32\emnizlpq6.exe

Many thanks in advance for the help

hannie

chaosman 16.02.2005 22:26

@hannie
download eScan
download
instructions
First check your computer with eScan: download eScan, create a folder (= directory) c:\bases for it, update eScan online and run it offline in safe mode. Note that from version 4.5.1 onward eScan does not delete the malware it finds. That is done by hand, on our instructions.

Then tell us the result of eScan: which viruses were found on your computer: "open mwav.log -> Edit -> Find -> enter infected -> Find Next -> select/copy the hits and post them in the forum." (quote from Cidre)

chaosman

hannie 17.02.2005 02:20

Sorry, that took a bit longer.
Because of its length I will split the file.

Part 1:

Wed Feb 16 23:27:38 2005 => File C:\WINDOWS\system32\kydcan.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:27:53 2005 => File C:\PROGRA~1\INTERN~1\iexplore.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:27:55 2005 => File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BIFP.EXE infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:27:58 2005 => File C:\WINDOWS\System32\drivers\ixxpvezv.sys infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:04 2005 => File C:\WINDOWS\d8.exe infected by "Trojan-Downloader.Win32.Small.ahx" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:05 2005 => File C:\WINDOWS\hh.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:05 2005 => File C:\WINDOWS\iconu.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:06 2005 => File C:\WINDOWS\notepad.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:08 2005 => File C:\WINDOWS\R.COM infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:08 2005 => File C:\WINDOWS\REGEDIT.COM infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:08 2005 => File C:\WINDOWS\regedit.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:09 2005 => File C:\WINDOWS\SSK_B5.EXE infected by "Trojan-Dropper.Win32.SurfSide.a" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:16 2005 => File C:\WINDOWS\System32\aMd.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:20 2005 => File C:\WINDOWS\System32\aticap32.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:30 2005 => File C:\WINDOWS\System32\az1s0ij7e8o.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:31 2005 => File C:\WINDOWS\System32\aza20ijoe8oc0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:31 2005 => File C:\WINDOWS\System32\aza603hse.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:31 2005 => File C:\WINDOWS\System32\azaq01l5e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:31 2005 => File C:\WINDOWS\System32\azas0ij7e8o.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:40 2005 => File C:\WINDOWS\System32\czmpobj.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:49 2005 => File C:\WINDOWS\System32\dn8q01l5e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:49 2005 => File C:\WINDOWS\System32\dnlo0133e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:28:50 2005 => File C:\WINDOWS\System32\dpnbehli.dll infected by "Trojan.Win32.Golid.e" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:00 2005 => File C:\WINDOWS\System32\fp4603hse.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:00 2005 => File C:\WINDOWS\System32\fp4m03h1e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:00 2005 => File C:\WINDOWS\System32\fpr8039ue.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:01 2005 => File C:\WINDOWS\System32\fpro0393e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:01 2005 => File C:\WINDOWS\System32\ftiych.dll infected by "Email-Worm.Win32.Tanatos.b.dam2" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:03 2005 => File C:\WINDOWS\System32\gp68l3ju1.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:04 2005 => File C:\WINDOWS\System32\havrfilk.exe infected by "Trojan-Proxy.Win32.Agent.l" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:04 2005 => File C:\WINDOWS\System32\hcfzmygo.exe infected by "Trojan-Downloader.Win32.IstBar.ha" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:04 2005 => File C:\WINDOWS\System32\hhqeogvy.dll infected by "Trojan.Win32.Golid.f" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:05 2005 => File C:\WINDOWS\System32\hr0s05d7e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:06 2005 => File C:\WINDOWS\System32\hr6q05j5e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:06 2005 => File C:\WINDOWS\System32\hrj8051ue.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:06 2005 => File C:\WINDOWS\System32\hrjo0513e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:06 2005 => File C:\WINDOWS\System32\hrpm0571e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:09 2005 => File C:\WINDOWS\System32\IFIresizePX.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:16 2005 => File C:\WINDOWS\System32\ir60l5jm1.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:17 2005 => File C:\WINDOWS\System32\j26m0cj1efo.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:18 2005 => File C:\WINDOWS\System32\jt4807hue.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:19 2005 => File C:\WINDOWS\System32\jt8u07l9e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:19 2005 => File C:\WINDOWS\System32\jtls0737e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:19 2005 => File C:\WINDOWS\System32\k0440ahqed4e0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:19 2005 => File C:\WINDOWS\System32\k4440ehqeh4e0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:19 2005 => File C:\WINDOWS\System32\k4lq0e35eh.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:19 2005 => File C:\WINDOWS\System32\k8260ifse8260.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:20 2005 => File C:\WINDOWS\System32\k8620ijoe8oc0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:20 2005 => File C:\WINDOWS\System32\kaxzwebd.dll infected by "Trojan.Win32.Golid.f" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:23 2005 => File C:\WINDOWS\System32\kidsf.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:23 2005 => File C:\WINDOWS\System32\kydcan.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

hannie 17.02.2005 02:23

Part 2:

Wed Feb 16 23:29:24 2005 => File C:\WINDOWS\System32\l6n40g5qe6.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:26 2005 => File C:\WINDOWS\System32\luk.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:27 2005 => File C:\WINDOWS\System32\lvn6095se.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:27 2005 => File C:\WINDOWS\System32\m8po0i73e8.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:49 2005 => File C:\WINDOWS\System32\n22ulcf91f2.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:55 2005 => File C:\WINDOWS\System32\nzdll.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:55 2005 => File C:\WINDOWS\System32\obtext32.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:57 2005 => File C:\WINDOWS\System32\okchnpd.dll infected by "Email-Worm.Win32.Tanatos.b.dam2" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:29:59 2005 => File C:\WINDOWS\System32\p86s0ij7e8o.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:06 2005 => File C:\WINDOWS\System32\r0r60a9sed.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:07 2005 => File C:\WINDOWS\System32\r48s0el7ehq.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:09 2005 => File C:\WINDOWS\System32\redirect.vbs infected by "Trojan-Downloader.VBS.Psyme.as" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:10 2005 => File C:\WINDOWS\System32\rogmytjv.exe infected by "Trojan-Proxy.Win32.Agent.l" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:12 2005 => File C:\WINDOWS\System32\s2pulc791f.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:29 2005 => File C:\WINDOWS\System32\vecjvxin.dll infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:32 2005 => File C:\WINDOWS\System32\weiprop.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:34 2005 => File C:\WINDOWS\System32\wincoreak.dll infected by "not-a-virus:AdWare.Coreak" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:34 2005 => File C:\WINDOWS\System32\winlspak.dll infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:35 2005 => File C:\WINDOWS\System32\winrulesak.dll infected by "Trojan-Downloader.Win32.Agent.bt" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:35 2005 => File C:\WINDOWS\System32\winupdak.dll infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:40 2005 => File C:\WINDOWS\System32\wt2_32.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:42 2005 => File C:\WINDOWS\System32\yjxeqots.exe infected by "Trojan-Proxy.Win32.Agent.l" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:30:42 2005 => File C:\WINDOWS\System32\zmlcvfk.dll infected by "Email-Worm.Win32.Tanatos.a" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:31:04 2005 => File C:\!Submit\~phqghum.tmp infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:31:30 2005 => File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BIFP.EXE infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:31:47 2005 => File C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\OPA5SZOD\a_5_0[1] infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:31:47 2005 => File C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\S3C9A9W3\c_2_0[1] infected by "Trojan-Proxy.Win32.Agent.l" Virus. Action Taken: No Action Taken.

Wed Feb 16 23:49:51 2005 => File C:\Programme\Adobe\Acrobat 5.0\Reader\AcroRd32.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:12:44 2005 => File C:\Programme\Outlook Express\msimn.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:17:47 2005 => File C:\Programme\Windows Media Player\mplayer2.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:18:27 2005 => File C:\System Volume Information\_restore{1F7D46BD-EFE6-41A1-B2DD-6346C6190975}\RP1\A0000218.exe infected by "not-a-virus:AdWare.TotalVelocity.aa" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:22:46 2005 => File C:\WINDOWS\d8.exe infected by "Trojan-Downloader.Win32.Small.ahx" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:26:14 2005 => File C:\WINDOWS\hh.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:26:14 2005 => File C:\WINDOWS\iconu.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:27:52 2005 => File C:\WINDOWS\notepad.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:28:54 2005 => File C:\WINDOWS\R.COM infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:28:54 2005 => File C:\WINDOWS\REGEDIT.COM infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:28:54 2005 => File C:\WINDOWS\regedit.exe infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:02 2005 => File C:\WINDOWS\SSK_B5.EXE infected by "Trojan-Dropper.Win32.SurfSide.a" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:10 2005 => File C:\WINDOWS\system32\aMd.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:14 2005 => File C:\WINDOWS\system32\aticap32.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:25 2005 => File C:\WINDOWS\system32\az1s0ij7e8o.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:25 2005 => File C:\WINDOWS\system32\aza20ijoe8oc0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:25 2005 => File C:\WINDOWS\system32\aza603hse.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:26 2005 => File C:\WINDOWS\system32\azaq01l5e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:31:26 2005 => File C:\WINDOWS\system32\azas0ij7e8o.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:32:52 2005 => File C:\WINDOWS\system32\czmpobj.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:34 2005 => File C:\WINDOWS\system32\dn8q01l5e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:34 2005 => File C:\WINDOWS\system32\dnlo0133e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:35 2005 => File C:\WINDOWS\system32\dpnbehli.dll infected by "Trojan.Win32.Golid.e" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:53 2005 => File C:\WINDOWS\system32\fp4603hse.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:54 2005 => File C:\WINDOWS\system32\fp4m03h1e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:54 2005 => File C:\WINDOWS\system32\fpr8039ue.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:54 2005 => File C:\WINDOWS\system32\fpro0393e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:55 2005 => File C:\WINDOWS\system32\ftiych.dll infected by "Email-Worm.Win32.Tanatos.b.dam2" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:56 2005 => File C:\WINDOWS\system32\gp68l3ju1.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:57 2005 => File C:\WINDOWS\system32\havrfilk.exe infected by "Trojan-Proxy.Win32.Agent.l" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:57 2005 => File C:\WINDOWS\system32\hcfzmygo.exe infected by "Trojan-Downloader.Win32.IstBar.ha" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:58 2005 => File C:\WINDOWS\system32\hhqeogvy.dll infected by "Trojan.Win32.Golid.f" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:59 2005 => File C:\WINDOWS\system32\hr0s05d7e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:59 2005 => File C:\WINDOWS\system32\hr6q05j5e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:35:59 2005 => File C:\WINDOWS\system32\hrj8051ue.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

hannie 17.02.2005 02:24

Part 3:

Thu Feb 17 00:36:00 2005 => File C:\WINDOWS\system32\hrjo0513e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:00 2005 => File C:\WINDOWS\system32\hrpm0571e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:04 2005 => File C:\WINDOWS\system32\IFIresizePX.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:11 2005 => File C:\WINDOWS\system32\ir60l5jm1.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:12 2005 => File C:\WINDOWS\system32\j26m0cj1efo.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:14 2005 => File C:\WINDOWS\system32\jt4807hue.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:14 2005 => File C:\WINDOWS\system32\jt8u07l9e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:14 2005 => File C:\WINDOWS\system32\jtls0737e.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:14 2005 => File C:\WINDOWS\system32\k0440ahqed4e0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:14 2005 => File C:\WINDOWS\system32\k4440ehqeh4e0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:14 2005 => File C:\WINDOWS\system32\k4lq0e35eh.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:15 2005 => File C:\WINDOWS\system32\k8260ifse8260.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:15 2005 => File C:\WINDOWS\system32\k8620ijoe8oc0.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:15 2005 => File C:\WINDOWS\system32\kaxzwebd.dll infected by "Trojan.Win32.Golid.f" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:18 2005 => File C:\WINDOWS\system32\kidsf.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:19 2005 => File C:\WINDOWS\system32\kydcan.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:19 2005 => File C:\WINDOWS\system32\l6n40g5qe6.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:22 2005 => File C:\WINDOWS\system32\luk.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:23 2005 => File C:\WINDOWS\system32\lvn6095se.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:23 2005 => File C:\WINDOWS\system32\m8po0i73e8.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:51 2005 => File C:\WINDOWS\system32\n22ulcf91f2.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:58 2005 => File C:\WINDOWS\system32\nzdll.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:36:59 2005 => File C:\WINDOWS\system32\obtext32.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:01 2005 => File C:\WINDOWS\system32\okchnpd.dll infected by "Email-Worm.Win32.Tanatos.b.dam2" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:12 2005 => File C:\WINDOWS\system32\p86s0ij7e8o.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:22 2005 => File C:\WINDOWS\system32\r0r60a9sed.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:22 2005 => File C:\WINDOWS\system32\r48s0el7ehq.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:24 2005 => File C:\WINDOWS\system32\redirect.vbs infected by "Trojan-Downloader.VBS.Psyme.as" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:28 2005 => File C:\WINDOWS\system32\rogmytjv.exe infected by "Trojan-Proxy.Win32.Agent.l" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:30 2005 => File C:\WINDOWS\system32\s2pulc791f.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:37:58 2005 => File C:\WINDOWS\system32\vecjvxin.dll infected by "Trojan.Win32.Agent.aw" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:12 2005 => File C:\WINDOWS\system32\weiprop.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:14 2005 => File C:\WINDOWS\system32\wincoreak.dll infected by "not-a-virus:AdWare.Coreak" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:14 2005 => File C:\WINDOWS\system32\winlspak.dll infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:15 2005 => File C:\WINDOWS\system32\winrulesak.dll infected by "Trojan-Downloader.Win32.Agent.bt" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:16 2005 => File C:\WINDOWS\system32\winupdak.dll infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:21 2005 => File C:\WINDOWS\system32\wt2_32.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:22 2005 => File C:\WINDOWS\system32\yjxeqots.exe infected by "Trojan-Proxy.Win32.Agent.l" Virus. Action Taken: No Action Taken.

hannie 17.02.2005 02:25

Part 4:

Thu Feb 17 00:38:22 2005 => File C:\WINDOWS\system32\zmlcvfk.dll infected by "Email-Worm.Win32.Tanatos.a" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:32 2005 => File C:\WINDOWS\Temp\nsdtmp09.dll infected by "not-a-virus:AdWare.MetaDirect.a" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:36 2005 => File C:\WINDOWS\Temp\vba9.tmp infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:36 2005 => File C:\WINDOWS\Temp\wincoreak.dll infected by "not-a-virus:AdWare.Coreak" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:36 2005 => File C:\WINDOWS\Temp\winlspak.dll infected by "Trojan-Downloader.Win32.Agent.br" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:38:36 2005 => File C:\WINDOWS\Temp\winrulesak.dll infected by "Trojan-Downloader.Win32.Agent.bt" Virus. Action Taken: No Action Taken.

Thu Feb 17 00:39:00 2005 => Total Files Scanned: 52181
Thu Feb 17 00:39:00 2005 => Total Virus(es) Found: 166
Thu Feb 17 00:39:00 2005 => Total Disinfected Files: 0
Thu Feb 17 00:39:00 2005 => Total Files Renamed: 0
Thu Feb 17 00:39:00 2005 => Total Deleted Files: 0
Thu Feb 17 00:39:00 2005 => Total Errors: 52
Thu Feb 17 00:39:00 2005 => Time Elapsed: 01:11:32
Thu Feb 17 00:39:00 2005 => Virus Database Date: 2005/02/14
Thu Feb 17 00:39:00 2005 => Virus Database Count: 118236

net 17.02.2005 06:56

You could perhaps still wait for an expert opinion, but with this list

Trojan-Downloader.Win32.Small.ahx
Trojan-Downloader.Win32.IstBar.ha
Trojan-Downloader.VBS.Psyme.as

Trojan-Downloader.Win32.Agent.br
Trojan-Downloader.Win32.Agent.bt

Trojan-Dropper.Win32.SurfSide.a

Trojan-Proxy.Win32.Agent.l

Trojan.Win32.Golid.e
Trojan.Win32.Golid.f

Trojan.Win32.Agent.aw

Email-Worm.Win32.Tanatos.a
Email-Worm.Win32.Tanatos.b
Email-Worm.Win32.Tanatos.b.dam2

my opinion/recommendation: disconnect the computer from the Internet "immediately"
Instructions -> reinstalling the system and securing it afterwards!
View/download the instructions/updates needed for the reinstall, e.g. SP2, an AV, etc., via another, "non-compromised" computer.
If you are or were on a network, report it there.

Regards
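The manual triage in this thread (searching mwav.log for "infected", then reducing the hits to a de-duplicated list of detection names) as an added Python example that is not part of the original posts; it also checks which flagged files appear as autostart entries in the HijackThis log. The function names are made up for this sketch, the inline samples are excerpts of the logs posted above, and matching entries by file name alone is an assumption.

```python
import re
from collections import defaultdict

# Excerpts of the two logs posted in this thread (not the complete logs).
ESCAN_LOG = r'''
Wed Feb 16 23:27:55 2005 => File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BIFP.EXE infected by "Email-Worm.Win32.Tanatos.b" Virus. Action Taken: No Action Taken.
Wed Feb 16 23:28:50 2005 => File C:\WINDOWS\System32\dpnbehli.dll infected by "Trojan.Win32.Golid.e" Virus. Action Taken: No Action Taken.
Wed Feb 16 23:29:04 2005 => File C:\WINDOWS\System32\hhqeogvy.dll infected by "Trojan.Win32.Golid.f" Virus. Action Taken: No Action Taken.
Wed Feb 16 23:29:23 2005 => File C:\WINDOWS\System32\kydcan.dll infected by "not-a-virus:AdWare.Look2Me.u" Virus. Action Taken: No Action Taken.
Thu Feb 17 00:35:35 2005 => File C:\WINDOWS\system32\dpnbehli.dll infected by "Trojan.Win32.Golid.e" Virus. Action Taken: No Action Taken.
Thu Feb 17 00:39:00 2005 => Total Virus(es) Found: 166
'''

HJT_LOG = r'''
O2 - BHO: (no name) - {2AFCD1AE-7B44-9B87-20ED-EB6F85DF4AF9} - C:\WINDOWS\System32\dpnbehli.dll
O2 - BHO: (no name) - {64C747E4-A3A7-8566-DEC8-F72D60347F51} - C:\WINDOWS\System32\hhqeogvy.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - Global Startup: BIFP.EXE
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\ktl0l73m1.dll
O23 - Service: fsyofgmoksfs (fhbvsipv6) - Unknown owner - C:\WINDOWS\System32\emnizlpq6.exe
'''

# "<timestamp> => File <path> infected by "<detection>" Virus. ..."
INFECTED = re.compile(r'^.+? => File (?P<path>.+?) infected by "(?P<name>[^"]+)"', re.M)
# "O<nn> - <description>" lines of a HijackThis log
HJT_ENTRY = re.compile(r'^(?P<section>O\d+) - (?P<rest>.+)$', re.M)
# A bare file name with an executable-type extension (no directory part)
FILE_NAME = re.compile(r'[^\\/:*?"<>|\]]+\.(?:exe|dll|sys|ocx|vbs|com)\b', re.I)


def parse_escan(text):
    """Map detection name -> set of lower-cased paths.

    Lower-casing collapses the two scan passes, which report the same
    file once under System32 and once under system32.
    """
    found = defaultdict(set)
    for m in INFECTED.finditer(text):
        found[m.group("name")].add(m.group("path").lower())
    return dict(found)


def malware_names(found):
    """Sorted detection names without the 'not-a-virus:' adware class."""
    return sorted(n for n in found if not n.startswith("not-a-virus:"))


def parse_hjt_autostarts(text):
    """Return (section, lower-cased file name) for each O-entry naming a file."""
    entries = []
    for m in HJT_ENTRY.finditer(text):
        names = FILE_NAME.findall(m.group("rest"))
        if names:
            # The target file is the last file name on the line.
            entries.append((m.group("section"), names[-1].strip().lower()))
    return entries


def persistent_detections(found, autostarts):
    """List (section, file name, detection) for flagged files that autostart.

    Assumption: entries are matched by file name only, because some
    HijackThis lines (e.g. 'Global Startup: BIFP.EXE') carry no path.
    """
    by_file = defaultdict(set)
    for name, paths in found.items():
        for path in paths:
            by_file[path.rsplit("\\", 1)[-1]].add(name)
    hits = []
    for section, fname in autostarts:
        for name in sorted(by_file.get(fname, ())):
            hits.append((section, fname, name))
    return hits


if __name__ == "__main__":
    detections = parse_escan(ESCAN_LOG)
    print("Detections (adware class excluded):")
    for name in malware_names(detections):
        print("  ", name, "-", len(detections[name]), "file(s)")
    print("Flagged files with an autostart entry:")
    for section, fname, name in persistent_detections(
            detections, parse_hjt_autostarts(HJT_LOG)):
        print("  ", section, fname, "->", name)
```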

hannie 17.02.2005 19:48

Good evening,

are there any other options?

Regards

hannie

HerrKautz 17.02.2005 20:01

Quote:

Quote from hannie
Good evening,

are there any other options?

Regards

hannie


Nope, your computer is a virus spreader!

Take it off the net and reinstall; that is faster than a "cleanup", which won't achieve anything anyway......


All times are WET +1. The time is now 16:42.
