Trojaner-Board


Playah88 17.03.2007 13:37

Winupd~1 error? virus?
 
I have a big problem.
For about half a year now, whenever I boot the PC, I get the error Winupd~1 on the desktop twice. I can't get rid of it, but since I wanted to play a game that no longer finds the CD after installation, I think this must be the cause, as I looked into it on Google.... I've already tried all the antivirus programs, nothing helps....

Logfile of HijackThis v1.99.1
Scan saved at 13:27:34, on 17.03.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
E:\eScan\TRAYICOS.EXE
E:\eScan\AVPMWrap.EXE
D:\ICQLite\ICQLite.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programme\QuickTime\qttask.exe
D:\QUICKTIME\iTunesHelper.exe
C:\WINDOWS\system32\ntvdm.exe
E:\eScan\license.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\CapabilityManager.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
E:\eScan\TRAYSSER.EXE
E:\eScan\avpm.exe
C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWAgent.exe
C:\WINDOWS\system32\svchost.exe
E:\eScan\AvpM.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\??crosoft.NET\n?lookup.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\MSN Apps\Updater\01.02.0002.1001\de\msnappau.exe
E:\hijackthis\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - {94BE3933-D4FA-AA0D-A939-8CEA6DC27591} - C:\WINDOWS\system32\sowdqfei.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {94BE3933-D4FA-AA0D-A939-8CEA6DC27591} - C:\WINDOWS\system32\sowdqfei.dll
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Programme\DNS\Catcher.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\ICQToolbar\toolbaru.dll
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar\01.01.2607.0\de\msntb.dll
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Programme\Toolbar888\ToolBar888.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.0002.1001\de\msnappau.exe"
O4 - HKLM\..\Run: [MailScan Dispatcher] "E:\eScan\LAUNCH.EXE"
O4 - HKLM\..\Run: [eScan Updater] E:\eScan\TRAYICOS.EXE /App
O4 - HKLM\..\Run: [eScan Monitor] E:\eScan\AVPMWrap.EXE
O4 - HKLM\..\Run: [ICQ Lite] "D:\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\QUICKTIME\iTunesHelper.exe"
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [DNS] C:\Programme\Gemeinsame Dateien\mc-110-12-0000140.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized
O4 - HKCU\..\RunOnce: [ICQ Lite] D:\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\ICQLite\ICQLite.exe
O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mwtsp.dll
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/sites/winfixer.com/www/pages/scanner_de/WinFixer2005ScannerInstallDE.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\wuauboot.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: eScan Server-Updater (eScan-trayicos) - MicroWorld Technologies Inc. - E:\eScan\TRAYSSER.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: eScan Monitor Service (KAVMonitorService) - Kaspersky Labs. - E:\eScan\avpm.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe

Berferd 17.03.2007 14:01

Hello,

please scan the following file at http://www.virustotal.com :
C:\WINDOWS\system32\??crosoft.NET\n?lookup.exe

Fix the following entries with HijackThis:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R3 - URLSearchHook: (no name) - {94BE3933-D4FA-AA0D-A939-8CEA6DC27591} - C:\WINDOWS\system32\sowdqfei.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {94BE3933-D4FA-AA0D-A939-8CEA6DC27591} - C:\WINDOWS\system32\sowdqfei.dll
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Programme\DNS\Catcher.dll
O3 - Toolbar: Toolbar888 - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Programme\Toolbar888\ToolBar888.dll
O4 - HKCU\..\Run: [DNS] C:\Programme\Gemeinsame Dateien\mc-110-12-0000140.exe
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/sites/winfixer.com/www/pages/scanner_de/WinFixer2005ScannerInstallDE.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\wuauboot.dll

Then we'll take it from there.

Regards,
Oskar

Rene-gad 17.03.2007 14:04

@Playah88
Quote:

C:\WINDOWS\system32\??crosoft.NET\n?lookup.exe
C:\WINDOWS\system32\sowdqfei.dll
C:\Programme\Gemeinsame Dateien\mc-110-12-0000140.exe
C:\WINDOWS\system32\wuauboot.dll
Please scan these files at www.virustotal.com and post the logs here.

Playah88 17.03.2007 14:08

An unexplected error has occured at procedure: modbackup_makebackup(sitem=O20 - Appinit_DLLs: C:\Windows\system32\wuauboot.dll)
Error #5 - Invalid procedure call or argument.


Hmm, that came up when I tried to fix the 10...?


---

STATUS: SCANNING
File "mc-110-12-0000140.exe" received on 03.17.2007 at 14:16:15 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 Win-Trojan/MulDrop.342636
AntiVir 7.3.1.43 03.17.2007 ADSPY/Shorty
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 Win32:Adware-gen.
AVG 7.5.0.447 03.16.2007 no virus found


Aditional Information
File size: 342636 bytes
MD5: 84d5f05716bb0757445d5de1d3234d56
SHA1: dbd3391b489e08d61619fa4411bf692e9b7bcc2b



STATUS: SCANNING
File "nslookup.exe" received on 03.17.2007 at 14:19:46 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.17.2007 no virus found
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 no virus found
AVG 7.5.0.447 03.16.2007 no virus found
BitDefender 7.2 03.17.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found


Aditional Information
File size: 80896 bytes
MD5: e21fe0fe82708a631e7379b907d7babd
SHA1: 22b68f1b336ede9ab9ee9b1c5fa120ee384005bf


STATUS: SCANNING
File "sowdqfei.dll" received on 03.17.2007 at 14:22:24 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.17.2007 ADSPY/PurityScan.AK.98
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 Win32:Agent-RY

STATUS: SCANNING
File "wuauboot.dll" received on 03.17.2007 at 14:24:04 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 Win-AppCare/Clickspring.81920
AntiVir 7.3.1.43 03.17.2007 ADSPY/PurityScan.EN.1
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 Win32:Ndrv
AVG 7.5.0.447 03.16.2007 Adware Generic.OFX
BitDefender 7.2 03.17.2007 Adware.PurityScan.D
CAT-QuickHeal 9.00 03.15.2007 AdWare.PurityScan.en (Not a Virus)


Aditional Information
File size: 81920 bytes
MD5: f86d149084e9b644ab14dae81262cb3e
SHA1: 1b25960b9ade6ebb55f0ab6d8cf673bacb74a15e

Aditional Information
File size: 139264 bytes
MD5: 1477ec0e0fca33ca4f48d6834de827dc
SHA1: 302f7c2d29e126f231ccba7724705277682f983d

Franz1968 17.03.2007 15:35

Why don't you post the results in full? Please try again. Scan at VirusTotal and post the complete results for every single scanned file.

Playah88 17.03.2007 16:42

STATUS: FINISHED
Complete scanning result of "wuauboot.dll", received in VirusTotal at 03.17.2007, 16:13:18 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 Win-AppCare/Clickspring.81920
AntiVir 7.3.1.43 03.17.2007 ADSPY/PurityScan.EN.1
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 Win32:Ndrv
AVG 7.5.0.447 03.17.2007 Adware Generic.OFX
BitDefender 7.2 03.17.2007 Adware.PurityScan.D
CAT-QuickHeal 9.00 03.15.2007 AdWare.PurityScan.en (Not a Virus)
ClamAV 0.90.1 03.17.2007 Trojan.PurityScan.EN
DrWeb 4.33 03.17.2007 no virus found
eSafe 7.0.14.0 03.16.2007 Spyware.Purityscan
eTrust-Vet 30.6.3486 03.16.2007 Win32/Clspring.EZ
Ewido 4.0 03.17.2007 Adware.PurityScan
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.17.2007 Adware/Purityscan
F-Prot 4.3.1.45 03.17.2007 W32/Adware.YT
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.17.2007 AdWare.Win32.PurityScan.en
Kaspersky 4.0.2.24 03.17.2007 not-a-virus:AdWare.Win32.PurityScan.en
McAfee 4986 03.16.2007 potentially unwanted program Adware-ClickSpring
Microsoft 1.2306 03.17.2007 Adware:Win32/ClickSpring.PuritySCAN
NOD32v2 2123 03.17.2007 Win32/Adware.PurityScan
Norman 5.80.02 03.16.2007 W32/PurityScan.YM
Panda 9.0.0.4 03.17.2007 Adware/PurityScan
Prevx1 V2 03.17.2007 Trojan.VMMSWM
Sophos 4.15.0 03.13.2007 PurityScan
Sunbelt 2.2.907.0 03.16.2007 ClickSpring.PuritySCAN
Symantec 10 03.17.2007 Adware.Purityscan
TheHacker 6.1.6.076 03.15.2007 Adware/PurityScan.en
UNA 1.83 03.16.2007 Adware.PurityScan.AAA8
VBA32 3.11.2 03.16.2007 AdWare.Win32.PurityScan.en
VirusBuster 4.3.7:9 03.17.2007 no virus found


Aditional Information
File size: 81920 bytes
MD5: f86d149084e9b644ab14dae81262cb3e
SHA1: 1b25960b9ade6ebb55f0ab6d8cf673bacb74a15e
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=ce6c25033488
Sunbelt info: PurityScan is an ad supported program that scans the user's Internet Explorer files, including browser cache, cookies and history for pornographic/adult related words and allows the user to delete them.

----

STATUS: FINISHED
Complete scanning result of "mc-110-12-0000140.exe", received in VirusTotal at 03.17.2007, 16:20:10 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 Win-Trojan/MulDrop.342636
AntiVir 7.3.1.43 03.17.2007 ADSPY/Shorty
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 Win32:Adware-gen.
AVG 7.5.0.447 03.17.2007 no virus found
BitDefender 7.2 03.17.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 (Suspicious) - DNAScan
ClamAV 0.90.1 03.17.2007 no virus found
DrWeb 4.33 03.17.2007 no virus found
eSafe 7.0.14.0 03.16.2007 suspicious Trojan/Worm
eTrust-Vet 30.6.3486 03.16.2007 no virus found
Ewido 4.0 03.17.2007 Downloader.Small
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.17.2007 Adware/Shorty
F-Prot 4.3.1.45 03.17.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.17.2007 no virus found
Kaspersky 4.0.2.24 03.17.2007 no virus found
McAfee 4986 03.16.2007 potentially unwanted program Adware-Shorty
Microsoft 1.2306 03.17.2007 no virus found
NOD32v2 2123 03.17.2007 Win32/Adware.Maxifiles
Norman 5.80.02 03.16.2007 Shorty.A
Panda 9.0.0.4 03.17.2007 Adware/Maxifiles
Prevx1 V2 03.17.2007 Downloader.Drev.A
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 VIPRE.Suspicious
Symantec 10 03.17.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.16.2007 Adware.Maxifiles.6352
VBA32 3.11.2 03.16.2007 suspected of Backdoor.Hupigon.157 (paranoid heuristics)
VirusBuster 4.3.7:9 03.17.2007 no virus found


Aditional Information
File size: 342636 bytes
MD5: 84d5f05716bb0757445d5de1d3234d56
SHA1: dbd3391b489e08d61619fa4411bf692e9b7bcc2b
packers: BINARYRES, UPX
packers: Obsidium
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=4c2f14806765
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

----

STATUS: FINISHED
Complete scanning result of "sowdqfei.dll", received in VirusTotal at 03.17.2007, 16:27:09 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.17.2007 ADSPY/PurityScan.AK.98
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 Win32:Agent-RY
AVG 7.5.0.447 03.17.2007 Adware Generic.OXM
BitDefender 7.2 03.17.2007 Adware.Purityscan.AK
CAT-QuickHeal 9.00 03.15.2007 AdWare.PurityScan.ak (Not a Virus)
ClamAV 0.90.1 03.17.2007 Trojan.PurityScan.AK
DrWeb 4.33 03.17.2007 no virus found
eSafe 7.0.14.0 03.16.2007 Spyware.Purityscan
eTrust-Vet 30.6.3486 03.16.2007 Win32/Clspring!generic
Ewido 4.0 03.17.2007 Adware.PurityScan
FileAdvisor 1 03.17.2007 no virus found
Fortinet 2.85.0.0 03.17.2007 Adware/ClickSpring
F-Prot 4.3.1.45 03.17.2007 W32/Purityscan.AO@ad
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.17.2007 Trojan.Win32.Scapur.k
Kaspersky 4.0.2.24 03.17.2007 not-a-virus:AdWare.Win32.PurityScan.ak
McAfee 4986 03.16.2007 potentially unwanted program Adware-ClickSpring
Microsoft 1.2306 03.17.2007 Adware:Win32/ClickSpring.PuritySCAN
NOD32v2 2123 03.17.2007 Win32/Adware.PurityScan
Norman 5.80.02 03.16.2007 W32/PurityScan.AAA
Panda 9.0.0.4 03.17.2007 Adware/PurityScan
Prevx1 V2 03.17.2007 Trojan.NDrv
Sophos 4.15.0 03.13.2007 ClickSpring
Sunbelt 2.2.907.0 03.16.2007 ClickSpring.PuritySCAN
Symantec 10 03.17.2007 Adware.Purityscan
TheHacker 6.1.6.076 03.15.2007 Adware/PurityScan.ak
UNA 1.83 03.16.2007 Adware.PurityScan.5FEE
VBA32 3.11.2 03.16.2007 AdWare.Win32.PurityScan.ak
VirusBuster 4.3.7:9 03.17.2007 no virus found


Aditional Information
File size: 139264 bytes
MD5: 1477ec0e0fca33ca4f48d6834de827dc
SHA1: 302f7c2d29e126f231ccba7724705277682f983d
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=94c024961114
Sunbelt info: PurityScan is an ad supported program that scans the user's Internet Explorer files, including browser cache, cookies and history for pornographic/adult related words and allows the user to delete them.

----

STATUS: FINISHED
Complete scanning result of "nslookup.exe", received in VirusTotal at 03.17.2007, 16:36:03 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.17.0 03.16.2007 no virus found
AntiVir 7.3.1.43 03.17.2007 no virus found
Authentium 4.93.8 03.17.2007 no virus found
Avast 4.7.936.0 03.16.2007 no virus found
AVG 7.5.0.447 03.17.2007 no virus found
BitDefender 7.2 03.17.2007 no virus found
CAT-QuickHeal 9.00 03.15.2007 no virus found
ClamAV 0.90.1 03.17.2007 no virus found
DrWeb 4.33 03.17.2007 no virus found
eSafe 7.0.14.0 03.16.2007 no virus found
eTrust-Vet 30.6.3486 03.16.2007 no virus found
Ewido 4.0 03.17.2007 no virus found
FileAdvisor 1 03.17.2007 No threat detected
Fortinet 2.85.0.0 03.17.2007 no virus found
F-Prot 4.3.1.45 03.17.2007 no virus found
F-Secure 6.70.13030.0 03.16.2007 no virus found
Ikarus T3.1.1.3 03.17.2007 no virus found
Kaspersky 4.0.2.24 03.17.2007 no virus found
McAfee 4986 03.16.2007 no virus found
Microsoft 1.2306 03.17.2007 no virus found
NOD32v2 2123 03.17.2007 no virus found
Norman 5.80.02 03.16.2007 no virus found
Panda 9.0.0.4 03.17.2007 no virus found
Prevx1 V2 03.17.2007 no virus found
Sophos 4.15.0 03.13.2007 no virus found
Sunbelt 2.2.907.0 03.16.2007 no virus found
Symantec 10 03.17.2007 no virus found
TheHacker 6.1.6.076 03.15.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.16.2007 no virus found
VirusBuster 4.3.7:9 03.17.2007 no virus found


Aditional Information
File size: 80896 bytes
MD5: e21fe0fe82708a631e7379b907d7babd
SHA1: 22b68f1b336ede9ab9ee9b1c5fa120ee384005bf
Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=e21fe0fe82708a631e7379b907d7babd

---

So, I hope you can help =/

KarlKarl 17.03.2007 22:11

Hi,

that was the wrong nslookup.exe, namely the one that belongs to Windows, from the system32 folder. The one in question, however, is

C:\WINDOWS\system32\??crosoft.NET\n?lookup.exe

Note that other characters will be in place of the question marks, possibly Cyrillic ones; HijackThis doesn't know that other character sets exist. If you can't find it, set the following in Explorer under the menu Tools -> Folder Options -> View:
  • Hide extensions for known file types -> uncheck
  • Hide protected operating system files -> uncheck
  • Display the contents of system folders -> check (this option does not exist in Windows 2000)
  • Hidden files and folders -> Show hidden files and folders

Regards, Karl
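
KarlKarl's point as an added example (not part of the thread and not HijackThis code): a "?" in a logged path stands for a character the tool could not render, so the Windows nslookup.exe can never be the file that was meant. The directory listings and the cp1252 code page are assumptions constructed for illustration; the thread does not say which characters the real names contain.

```python
import re
import unicodedata

# A few lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\??crosoft.NET\n?lookup.exe
O4 - HKCU\..\Run: [DNS] C:\Programme\Gemeinsame Dateien\mc-110-12-0000140.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\wuauboot.dll
"""

# Constructed listings (assumption): what os.listdir() might return for
# system32 and for the masked subfolder. The lookalike names are invented.
SYSTEM32_LISTING = ["Microsoft.NET", "\u039c\u0456crosoft.NET", "nslookup.exe"]
SUBFOLDER_LISTING = ["n\u0455lookup.exe"]

PATH_RE = re.compile(r'[A-Za-z]:\\[^\r\n"]+')


def masked_paths(log_text):
    """Paths in the log that contain '?'. A '?' is not legal in a Windows
    file name, so in a log it marks a character that was not rendered."""
    hits = []
    for line in log_text.splitlines():
        m = PATH_RE.search(line)
        if m and "?" in m.group(0):
            hits.append(m.group(0).strip())
    return hits


def masked_components(path):
    """The folder or file names of a path that contain a '?' placeholder."""
    return [part for part in path.split("\\") if "?" in part]


def unrenderable(ch, codepage="cp1252"):
    """True if ch has no representation in the assumed ANSI code page."""
    try:
        ch.encode(codepage)
        return False
    except UnicodeEncodeError:
        return True


def component_matches(masked, real, codepage="cp1252"):
    """A real name fits a masked one if every '?' lines up with a character
    outside the code page and all other characters agree (case-insensitive)."""
    if len(masked) != len(real):
        return False
    for m, r in zip(masked, real):
        if m == "?":
            if not unrenderable(r, codepage):
                return False
        elif m.casefold() != r.casefold():
            return False
    return True


def resolve(masked, listing, codepage="cp1252"):
    """Names from a directory listing that the masked name can stand for."""
    return [name for name in listing if component_matches(masked, name, codepage)]


def explain(name):
    """Non-ASCII characters of a name with code point and Unicode name."""
    return [(ch, "U+%04X" % ord(ch), unicodedata.name(ch, "UNKNOWN"))
            for ch in name if ord(ch) > 127]


if __name__ == "__main__":
    for path in masked_paths(SAMPLE_LOG):
        folder, filename = masked_components(path)
        for listing, masked in ((SYSTEM32_LISTING, folder), (SUBFOLDER_LISTING, filename)):
            for real in resolve(masked, listing):
                print(masked, "->", ascii(real), explain(real))
```
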

Rene-gad 17.03.2007 22:25

Quote:

Quote from KarlKarl (post 259005)
If you can't find it...

...there is a detailed illustrated guide (see the link in my signature) ;).

