Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Trojaner (win 32:Zlob-Bn) lässt sich nicht entfernen (https://www.trojaner-board.de/30223-trojaner-win-32-zlob-bn-laesst-entfernen.html)

wakeup079 27.06.2006 20:39
Trojaner (win 32:Zlob-Bn) lässt sich nicht entfernen
 
hi leute,

ich habe ein gravierendes Problem. Folgender Trojaner hat sich auf meinem Rechner festgesetzt: Win 32:Zlob-Bn. mein virenscanner (avast!) hat mir diesen zunächst halbstündig gemeldet, und meldet es mir jetzt fast alle fünf minuten.

seit neuestem meldet avast! auch noch, dass mein arbeitsspeicher infiziert sei.

auch ein manuelles entfernen der infizierten dateien mit hilfe von eScan und killbox im abgesicherten modus hat nicht geholfen. aber vielleicht habe ich ja auch etwas falsch gemacht oder etwas nicht gemacht.

weiteres problem, was evtl. mit dem oben genannten trojaner zusammenhängen könnte, ist, dass sich beim aufruf des IE jedesmal die Website mit dem namen "syssecuritysite.com" öffnet. hat sich irgenwie als startseite festgelegt. lässt sich auch über die eigenschaften des IE nicht ändern. auch wenn ich als Starteite zb web.de festlege, öffnet sich die besagte seite.

na ja, ich hoffe ich konnte mein probelm verständlich machen. und hoffe, dass mir irgendeiner helfen kann. sonst dauert es nicht mehr lange und ich ende bald so:huepp:

im folgenden noch die eScan log file.

Vielen dank im vorraus für eure hilfe.


escan log file=>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue Jun 27 19:29:27 2006 => System found infected with smitfraud variant Browser Hijacker (ot.ico)! Action taken: No Action Taken.
Tue Jun 27 19:29:27 2006 => System found infected with smitfraud variant Browser Hijacker (ts.ico)! Action taken: No Action Taken.
Tue Jun 27 19:38:04 2006 => System found infected with smitfraud variant Browser Hijacker (ot.ico)! Action taken: No Action Taken.
Tue Jun 27 19:38:04 2006 => System found infected with smitfraud variant Browser Hijacker (ts.ico)! Action taken: No Action Taken.
Tue Jun 27 19:50:56 2006 => System found infected with smitfraud variant Browser Hijacker (ot.ico)! Action taken: No Action Taken.
Tue Jun 27 19:50:56 2006 => System found infected with smitfraud variant Browser Hijacker (ts.ico)! Action taken: No Action Taken.
Tue Jun 27 20:42:09 2006 => System found infected with zlob Trojan-Downloader (dcomcfg.exe)! Action taken: No Action Taken.
Tue Jun 27 20:42:09 2006 => System found infected with zlob Trojan-Downloader (simpole.tlb)! Action taken: No Action Taken.
Tue Jun 27 20:42:13 2006 => System found infected with smitfraud Browser Hijacker (antivirus test online.url)! Action taken: No Action Taken.
Tue Jun 27 21:11:18 2006 => System found infected with zlob Trojan-Downloader (dcomcfg.exe)! Action taken: No Action Taken.
Tue Jun 27 21:11:18 2006 => System found infected with zlob Trojan-Downloader (simpole.tlb)! Action taken: No Action Taken.
Tue Jun 27 21:11:21 2006 => System found infected with smitfraud Browser Hijacker (antivirus test online.url)! Action taken: No Action Taken.
Tue Jun 27 19:29:26 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:29:26 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:29:27 2006 => Object "smitfraud variant Browser Hijacker" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:29:27 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:29:27 2006 => Object "errorguard Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:29:27 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:38:01 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:38:01 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:38:04 2006 => Object "smitfraud variant Browser Hijacker" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:38:04 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:38:04 2006 => Object "errorguard Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:38:04 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:50:54 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:50:55 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:50:56 2006 => Object "smitfraud variant Browser Hijacker" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:50:56 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:50:56 2006 => Object "errorguard Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 19:50:56 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:07 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:07 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:07 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:07 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:07 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:07 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:07 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:09 2006 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:09 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:19 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 20:42:19 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:15 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:15 2006 => Object "downloadware Spyware/Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:15 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:16 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:16 2006 => Object "winfixer/errorsafe Adware" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:16 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:16 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:18 2006 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:18 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:30 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
Tue Jun 27 21:11:31 2006 => Object "emule P2P-worm" found in File System! Action Taken: No Action Taken.
~~~~~~~~~~~
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
Tue Jun 27 20:41:36 2006 => File C:\WINDOWS\system32\regperf.exe infected by "Trojan-Downloader.Win32.Zlob.vr" Virus! Action Taken: File to be deleted on reboot.
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
Tue Jun 27 19:29:27 2006 => Offending file found: C:\WINDOWS\system32\ot.ico
Tue Jun 27 19:29:27 2006 => Offending file found: C:\WINDOWS\system32\ts.ico
Tue Jun 27 19:38:04 2006 => Offending file found: C:\WINDOWS\system32\ot.ico
Tue Jun 27 19:38:04 2006 => Offending file found: C:\WINDOWS\system32\ts.ico
Tue Jun 27 19:50:56 2006 => Offending file found: C:\WINDOWS\system32\ot.ico
Tue Jun 27 19:50:56 2006 => Offending file found: C:\WINDOWS\system32\ts.ico
Tue Jun 27 20:42:09 2006 => Offending file found: C:\WINDOWS\system32\dcomcfg.exe
Tue Jun 27 20:42:09 2006 => Offending file found: C:\WINDOWS\system32\simpole.tlb
Tue Jun 27 20:42:13 2006 => Offending file found: C:\Dokumente und Einstellungen\***\Favoriten\antivirus test online.url
Tue Jun 27 21:11:18 2006 => Offending file found: C:\WINDOWS\system32\dcomcfg.exe
Tue Jun 27 21:11:18 2006 => Offending file found: C:\WINDOWS\system32\simpole.tlb
Tue Jun 27 21:11:21 2006 => Offending file found: C:\Dokumente und Einstellungen\***\Favoriten\antivirus test online.url
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
~~~~~~~~~~~
Ordner

Sunny 27.06.2006 20:41
Hier geht es für dich weiter ---> http://www.trojaner-board.de/showthread.php?t=30222

Diesen bitte schliessen!

Schneipi 27.06.2006 21:37
Doppelpost in die Tonne verschoben :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:14 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24