Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   Wie werde ich diesen Wurm los? (https://www.trojaner-board.de/55785-diesen-wurm-los.html)

turbo38 11.07.2008 21:15
Wie werde ich diesen Wurm los?
 
Hallo,

Bitdefender 10 Virenscanner hat auf meinen Rechner
(Windows 2000,SP4,Opera 9.27)
folgende Sachen gefunden:

1.Packer RLPack.D
2.Generic Mydoom.137d6e9d

Kann mir jemand sagen,wie ich das wieder los werde?

hier zwei Logs mit unterschiedlichen
Ergebnissen!

Gruß Turbo38

Log Nr.1
//-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 06/07/2008 21:56:20
//
//-----------------------------------------------------------------


Virus Statistics

Scan path : A:\
C:\
D:\
Folders : 1
Files : 55
Memory processes scanned : 24
Archives : 5
Runtime packers : 0
Identified viruses : 1
Infected files : 1
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 16
Moved files : 0
I/O errors : 0
Scan time : 00:07:40
Scan speed (files/sec) : 0

Spyware Statistics

Registry keys scanned : 233
Registry keys infected : 15
Cookies scanned : 3
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 1


Virus definitions : 1348767
Scan plugins : 16
Archive plugins : 42
Unpack plugins : 7
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[X] Delete
[ ] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bitdefender\Desktop\Profiles\Logs\deep_scan\1215374179.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies


Summary:

<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Infected: Packer.RLPack.D
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Disinfection failed
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)


Log Nr.2


//-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 06/07/2008 19:42:29
//
//-----------------------------------------------------------------


Virus Statistics

Scan path : A:\
C:\
D:\
Folders : 115
Files : 304
Memory processes scanned : 22
Archives : 17
Runtime packers : 8
Identified viruses : 2
Infected files : 2
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 1
Moved files : 0
I/O errors : 0
Scan time : 00:05:39
Scan speed (files/sec) : 0

Spyware Statistics

Registry keys scanned : 222
Registry keys infected : 4
Cookies scanned : 3
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 1


Virus definitions : 1348767
Scan plugins : 16
Archive plugins : 42
Unpack plugins : 7
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bitdefender\Desktop\Profiles\Logs\deep_scan\1215366149.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies


Summary:

<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Infected: Packer.RLPack.D
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Disinfection failed
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Move failed
<System>=>C:\WINNT\Fonts\wmsncs.exe (full dump) Infected: Generic.Mydoom.137D6E9D
<System>=>C:\WINNT\Fonts\wmsncs.exe (full dump) Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Move failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Move failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Move failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Move failed


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131