Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   TR/Dldr.leser.A und TR/Delprot.A auf dem Rechner (https://www.trojaner-board.de/18164-tr-dldr-leser-a-tr-delprot-a-rechner.html)

joeyp 23.05.2005 16:54
TR/Dldr.leser.A und TR/Delprot.A auf dem Rechner
 
Hallo Leute,

ich habe 2 Trojaner auf dem Rechner. Hat Antivir gefunden und nun kann ich sie nicht mehr löschen. Die Namen TR/Dldr.leser.A und TR/Delprot.A...

Hier die logfile von hijackthis...

Logfile of HijackThis v1.99.1
Scan saved at 17:48:20, on 23.05.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\isrvs\desktop.exe
C:\WINDOWS\System32\jt0vs976.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Programme\Spybot - Search & Destroy\SpybotSD.exe
D:\Programme\hijackthis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IE Update Class - {5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} - C:\WINDOWS\isrvs\sysupd.dll
O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll (file missing)
O2 - BHO: ohb - {9ADE0443-2AB2-4B23-A3F8-AC520773DE12} - C:\WINDOWS\System32\nsl17.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [WorksFUD] C:\Programme\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programme\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Desktop Search] C:\WINDOWS\isrvs\desktop.exe
O4 - HKLM\..\Run: [ffis] C:\WINDOWS\isrvs\ffisearch.exe
O4 - HKLM\..\Run: [switp] C:\WINDOWS\switpb.exe
O4 - HKLM\..\Run: [jt0vs976] C:\WINDOWS\System32\jt0vs976.exe
O4 - HKLM\..\Run: [pZHZDUD] C:\WINDOWS\anjkwgnh.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\RunOnce: [AAW] "C:\Programme\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1"
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [qowu] C:\PROGRA~1\COMMON~1\qowu\qowum.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Erinnerungen in Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O15 - Trusted Zone: *.addictivetechnologies.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.c4tdownload.com
O15 - Trusted Zone: *.megapornix.com
O15 - Trusted Zone: *.overpro.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.addictivetechnologies.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.c4tdownload.com (HKLM)
O15 - Trusted Zone: *.megapornix.com (HKLM)
O15 - Trusted Zone: *.overpro.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in Trusted Zone, should be Internet Zone (HKLM)
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} - h**p://www.180searchassistant.com/180saax.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\System32\ImapiRox.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe (file missing)

wer kann helfen?

mfg
joeyp

_____________
Anm.
Aktive Links editiert!
Beachte die Hinweise dieser Anleitung: HiJackThis

LG Cidre
S-Mod TB

The Saint 23.05.2005 17:12
Das sieht gar nicht gut aus lasse mal escan laufen nach dieser Anleitung und poste uns danach das Logfile.

joeyp 23.05.2005 17:28
lade mir grad escan runter....

was sieht denn nicht gut aus?


p.s. danke für deine schnelle antwort

The Saint 23.05.2005 17:31
Die ganzen "trusteted zone" Einträge usw. aber dazu später mehr, zuerst mal ein eScan Logfile posten um die Schädlinge aufzufinden danach sehen wir weiter.

joeyp 23.05.2005 20:10
so hier die logfile vom escan

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon May 23 19:38:11 2005 => File C:\WINDOWS\explorer.exe infected by "Virus.Win32.Bube.l" Virus! Action Taken: No Action Taken.
Mon May 23 19:38:29 2005 => File C:\WINDOWS\explorer.exe infected by "Virus.Win32.Bube.l" Virus! Action Taken: No Action Taken.
Mon May 23 19:38:55 2005 => System found infected with SexList Spyware/Adware (_{CFBFAE00-17A6-11D0-99CB-00C04FD64497})! Action taken: No Action Taken.
Mon May 23 19:38:55 2005 => System found infected with SideFind Spyware/Adware ({8cba1b49-8144-4721-a7b1-64c578c9eed7})! Action taken: No Action Taken.
Mon May 23 19:38:55 2005 => System found infected with SideFind Spyware/Adware ({10e42047-deb9-4535-a118-b3f6ec39b807})! Action taken: No Action Taken.
Mon May 23 19:38:56 2005 => System found infected with Zango Spyware/Adware ({99410cde-6f16-42ce-9d49-3807f78f0287})! Action taken: No Action Taken.
Mon May 23 19:39:35 2005 => System found infected with ISTsvc Spyware/Adware (shortcuts.txt)! Action taken: No Action Taken.
Mon May 23 19:39:35 2005 => System found infected with YourSiteBar Spyware/Adware (YSBactivex.dll)! Action taken: No Action Taken.
Mon May 23 19:40:18 2005 => File C:\WINDOWS\sefe.exe infected by "Hoax.Win32.Renos.a" Virus! Action Taken: No Action Taken.
Mon May 23 19:40:18 2005 => File C:\WINDOWS\sefer.exe infected by "Trojan-Clicker.Win32.Small.ga" Virus! Action Taken: No Action Taken.
Mon May 23 19:40:56 2005 => File C:\WINDOWS\System32\dgdgd.exe infected by "Backdoor.Win32.Naninf.e" Virus! Action Taken: No Action Taken.
Mon May 23 19:42:34 2005 => File C:\WINDOWS\System32\protect.exe infected by "Trojan-Downloader.Win32.Agent.nr" Virus! Action Taken: No Action Taken.
Mon May 23 19:43:41 2005 => File C:\DOKUME~1\Andreas\LOKALE~1\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.jj" Virus! Action Taken: No Action Taken.
Mon May 23 19:44:02 2005 => File C:\DOKUME~1\Andreas\LOKALE~1\Temp\temp.fr4CB6\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
Mon May 23 19:44:03 2005 => Total Disinfected Files: 0
Mon May 23 19:56:30 2005 => File C:\WINDOWS\Explorer.exe infected by "Virus.Win32.Bube.l" Virus! Action Taken: No Action Taken.
Mon May 23 19:57:11 2005 => File C:\WINDOWS\Explorer.exe infected by "Virus.Win32.Bube.l" Virus! Action Taken: No Action Taken.
Mon May 23 19:57:35 2005 => System found infected with SexList Spyware/Adware (_{CFBFAE00-17A6-11D0-99CB-00C04FD64497})! Action taken: No Action Taken.
Mon May 23 19:57:36 2005 => System found infected with SideFind Spyware/Adware ({8cba1b49-8144-4721-a7b1-64c578c9eed7})! Action taken: No Action Taken.
Mon May 23 19:57:36 2005 => System found infected with SideFind Spyware/Adware ({10e42047-deb9-4535-a118-b3f6ec39b807})! Action taken: No Action Taken.
Mon May 23 19:57:36 2005 => System found infected with Zango Spyware/Adware ({99410cde-6f16-42ce-9d49-3807f78f0287})! Action taken: No Action Taken.
Mon May 23 19:58:15 2005 => System found infected with YourSiteBar Spyware/Adware (YSBactivex.dll)! Action taken: No Action Taken.
Mon May 23 19:58:57 2005 => File C:\WINDOWS\sefe.exe infected by "Hoax.Win32.Renos.a" Virus! Action Taken: No Action Taken.
Mon May 23 19:58:57 2005 => File C:\WINDOWS\sefer.exe infected by "Trojan-Clicker.Win32.Small.ga" Virus! Action Taken: No Action Taken.
Mon May 23 19:59:34 2005 => File C:\WINDOWS\System32\dgdgd.exe infected by "Backdoor.Win32.Naninf.e" Virus! Action Taken: No Action Taken.
Mon May 23 20:01:09 2005 => File C:\WINDOWS\System32\protect.exe infected by "Trojan-Downloader.Win32.Agent.nr" Virus! Action Taken: No Action Taken.
Mon May 23 20:03:19 2005 => File C:\Dokumente und Einstellungen\Andreas\protect.exe infected by "Trojan-Downloader.Win32.Agent.nr" Virus! Action Taken: No Action Taken.
Mon May 23 20:03:19 2005 => File C:\Dokumente und Einstellungen\Andreas\sefe.exe infected by "Hoax.Win32.Renos.a" Virus! Action Taken: No Action Taken.
Mon May 23 20:03:19 2005 => File C:\Dokumente und Einstellungen\Andreas\sefer.exe infected by "Trojan-Clicker.Win32.Small.ga" Virus! Action Taken: No Action Taken.
Mon May 23 20:05:23 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Mon May 23 20:23:05 2005 => File C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ysbactivex.dll infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
Mon May 23 20:23:05 2005 => File C:\WINDOWS\Downloaded Program Files\rdgDE1742.exe infected by "Trojan.Win32.Dialer.ht" Virus! Action Taken: No Action Taken.
Mon May 23 20:23:05 2005 => File C:\WINDOWS\Downloaded Program Files\ysbactivex.dll infected by "Trojan-Downloader.Win32.IstBar.gen" Virus! Action Taken: No Action Taken.
Mon May 23 20:32:17 2005 => File C:\WINDOWS\sefe.exe infected by "Hoax.Win32.Renos.a" Virus! Action Taken: No Action Taken.
Mon May 23 20:32:17 2005 => File C:\WINDOWS\sefer.exe infected by "Trojan-Clicker.Win32.Small.ga" Virus! Action Taken: No Action Taken.
Mon May 23 20:33:00 2005 => File C:\WINDOWS\system32\dgdgd.exe infected by "Backdoor.Win32.Naninf.e" Virus! Action Taken: No Action Taken.
Mon May 23 20:34:03 2005 => File C:\WINDOWS\system32\dllcache\explorer.exe infected by "Virus.Win32.Bube.l" Virus! Action Taken: No Action Taken.
Mon May 23 20:39:11 2005 => File C:\WINDOWS\system32\protect.exe infected by "Trojan-Downloader.Win32.Agent.nr" Virus! Action Taken: No Action Taken.
Mon May 23 20:45:12 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon May 23 19:38:16 2005 => File C:\WINDOWS\System32\nsl34.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 19:38:22 2005 => File C:\WINDOWS\System32\nsl34.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 19:38:34 2005 => File C:\WINDOWS\isrvs\desktop.exe tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 19:38:35 2005 => File C:\WINDOWS\System32\jt0vs976.exe tagged as "not-a-virus:AdWare.Sahat.aa". Action Taken: No Action Taken.
Mon May 23 19:40:13 2005 => File C:\WINDOWS\down.exe tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 19:40:15 2005 => File C:\WINDOWS\kszcgc.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
Mon May 23 19:40:17 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
Mon May 23 19:40:19 2005 => File C:\WINDOWS\tool.exe tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 19:42:20 2005 => File C:\WINDOWS\System32\nsl17.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 19:42:21 2005 => File C:\WINDOWS\System32\nsp11.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 19:43:23 2005 => File C:\DOKUME~1\Andreas\LOKALE~1\Temp\1.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken.
Mon May 23 19:43:23 2005 => File C:\DOKUME~1\Andreas\LOKALE~1\Temp\180sainstaller.exe tagged as "not-a-virus:AdWare.180Solutions.b". Action Taken: No Action Taken.
Mon May 23 19:56:38 2005 => File C:\WINDOWS\isrvs\desktop.exe tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 19:56:38 2005 => File C:\WINDOWS\System32\jt0vs976.exe tagged as "not-a-virus:AdWare.Sahat.aa". Action Taken: No Action Taken.
Mon May 23 19:57:02 2005 => File C:\WINDOWS\System32\nsi93.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 19:57:15 2005 => File C:\WINDOWS\isrvs\desktop.exe tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 19:57:16 2005 => File C:\WINDOWS\System32\jt0vs976.exe tagged as "not-a-virus:AdWare.Sahat.aa". Action Taken: No Action Taken.
Mon May 23 19:58:52 2005 => File C:\WINDOWS\down.exe tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 19:58:55 2005 => File C:\WINDOWS\kszcgc.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
Mon May 23 19:58:56 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
Mon May 23 19:58:58 2005 => File C:\WINDOWS\tool.exe tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:00:56 2005 => File C:\WINDOWS\System32\nsl17.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:00:57 2005 => File C:\WINDOWS\System32\nsl34.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:00:57 2005 => File C:\WINDOWS\System32\nsp11.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:03:02 2005 => File C:\Dokumente und Einstellungen\Andreas\down.exe tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 20:03:21 2005 => File C:\Dokumente und Einstellungen\Andreas\tool.exe tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:05:28 2005 => File C:\Programme\common files\qowu\qowup.exe tagged as "not-a-virus:AdWare.Xupiter.m". Action Taken: No Action Taken.
Mon May 23 20:23:04 2005 => File C:\WINDOWS\down.exe tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 20:29:59 2005 => File C:\WINDOWS\isrvs\isearch.xpi tagged as "not-a-virus:AdWare.ToolBar.ISearch.e". Action Taken: No Action Taken.
Mon May 23 20:30:09 2005 => File C:\WINDOWS\isrvs\mfiltis.dll tagged as "not-a-virus:AdWare.ToolBar.ISearch.d". Action Taken: No Action Taken.
Mon May 23 20:30:11 2005 => File C:\WINDOWS\kszcgc.exe tagged as "not-a-virus:AdWare.BetterInternet.c". Action Taken: No Action Taken.
Mon May 23 20:30:54 2005 => File C:\WINDOWS\Nail.exe tagged as "not-a-virus:AdWare.BetterInternet.b". Action Taken: No Action Taken.
Mon May 23 20:38:46 2005 => File C:\WINDOWS\system32\nsl17.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:38:46 2005 => File C:\WINDOWS\system32\nsl34.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:38:47 2005 => File C:\WINDOWS\system32\nsp11.dll tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:40:45 2005 => File C:\WINDOWS\tool.exe tagged as "not-a-virus:AdWare.ToolBar.HotSearchBar.g". Action Taken: No Action Taken.
Mon May 23 20:42:09 2005 => File D:\Programme\Alcohol Soft\Alcohol 120\Patch.exe tagged as not-a-virus:Tool.Win32.TPE.a. No Action Taken.
Mon May 23 20:42:22 2005 => File D:\Programme\Software\Alcohol 14822.zip tagged as not-a-virus:Tool.Win32.TPE.a. No Action Taken.
Mon May 23 20:42:24 2005 => File D:\Programme\Software\DivX502Bundle.exe tagged as not-a-virus:Tool.WinCap.Reboot. No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mon May 23 19:44:03 2005 => Total Virus(es) Found: 31
Mon May 23 20:45:12 2005 => Total Virus(es) Found: 55
Mon May 23 19:44:03 2005 => Total Errors: 29
Mon May 23 20:45:12 2005 => Total Errors: 39
Mon May 23 19:44:03 2005 => Time Elapsed: 00:06:32
Mon May 23 20:45:12 2005 => Time Elapsed: 00:49:06
Mon May 23 19:44:03 2005 => Total Objects Scanned: 13229
Mon May 23 20:45:12 2005 => Total Objects Scanned: 33884
Mon May 23 19:36:30 2005 => Virus Database Date: 2005/05/23
Mon May 23 19:44:03 2005 => Virus Database Date: 2005/05/23
Mon May 23 19:44:10 2005 => Virus Database Date: 2005/05/23
Mon May 23 19:55:38 2005 => Virus Database Date: 2005/05/23
Mon May 23 20:45:12 2005 => Virus Database Date: 2005/05/23
Mon May 23 20:46:30 2005 => Virus Database Date: 2005/05/23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

joeyp 23.05.2005 20:11
was ist jetzt zu tun?

mfg

joeyp

cronos 23.05.2005 20:14
Da dieser auf dem Rechner ist:

Mon May 23 20:33:00 2005 => File C:\WINDOWS\system32\dgdgd.exe infected by "Backdoor.Win32.Naninf.e

kommst du um ein Neuaufsetzen, am besten nach folgender Anleitung nicht herum:

http://www.trojaner-board.de/showthread.php?t=12154

Warum eine Bereinigung nicht helfen kann:

http://www.mathematik.uni-marburg.de...c-removal.html

Haui45 23.05.2005 20:14
Zitat:
Zitat von joeyp
was ist jetzt zu tun?
System neu aufsetzten.

Warum?
z.B. darum:
infected by "Backdoor.Win32.Naninf.e" (Link zu einem "Verwandten")

EDIT: War ich wohl zu langsam :heulen: :blabla:


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:07 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29