77 viruses!!!

Today, after checking my hard drive with Kaspersky (no viruses were found), I scanned it with eScan. It found 77 viruses!!! Trojans, worms, dialers, ... everything is in there. ...However, the log file is too big... Here is the Hijack log file:

Logfile of HijackThis v1.99.0
Scan saved at 13:58:35, on 05.02.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Kaspersky\avpcc.exe
C:\Programme\Kaspersky\avpm.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\htpatch.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\COMMON~2\Toolbar\winnet.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\COMMON~2\Toolbar\comwiz.exe
C:\Programme\Kaspersky\avpcc.exe
D:\Programme\D-Tools\daemon.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
C:\PROGRA~1\wwpwsuxw\MgABAQcY.exe
C:\PROGRA~1\ICQ\ICQ.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Lukas\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.giga.de/index.php?bereichid=34
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.1und1.de/Herzlich_Willkommen/b1/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von 1 & 1 Internet AG
F0 - system.ini: Shell=Explorer.exe C:\windows\system32\msiexec16.exe
F1 - win.ini: run=C:\windows\system32\msiexec16.exe
O2 - BHO: BabeIE - {00000000-0000-0000-0000-000000000000} - C:\PROGRA~1\COMMON~2\Toolbar\cnbabe.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [winnet] C:\PROGRA~1\COMMON~2\Toolbar\winnet.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [OfficeGuard RegChecker] C:\Programme\Kaspersky\ogrc.exe
O4 - HKLM\..\Run: [AVPCC] C:\Programme\Kaspersky\avpcc.exe /wait
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ZUVJYoEx] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [ZQVGXwov] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [dAFHWcow] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [dg0HY51x] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [eQ0HVkUw] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [Zk0GZg1w] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [QkpGXwox] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [bwVJX9Ux] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [ZAVGUkEx] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [ek0GQgov] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [YAFHX1ox] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [cIFHUsow] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
O8 - Extra context menu item: Add A Page Note - C:\Programme\CommonName\Toolbar\createnote.htm
O8 - Extra context menu item: Bookmark This Page - C:\Programme\CommonName\Toolbar\createbookmark.htm
O8 - Extra context menu item: Email This Link - C:\Programme\CommonName\Toolbar\emaillink.htm
O8 - Extra context menu item: Search using CommonName - C:\Programme\CommonName\Toolbar\navigate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MedionShop - {01E9CF82-AE9D-42BA-A629-B23D51A4B86B} - http://www.medionshop.de/ (file missing) (HKCU)
O11 - Options group: [CommonName] CommonName
O14 - IERESET.INF: START_PAGE_URL=http://www.1und1.de/Herzlich_Willkommen/b1/
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.7adpower.com/dialer/A091EMT.exe
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/pa.../GSManager.cab
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com/...14006/thin.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://god.t-online.de/download/ExentCtl.ocx
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - https://www.gamespyid.com/alaunch.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/p...tx/install.cab
O16 - DPF: {AE6CEFA8-1223-4337-8D94-977268FF9AA0} (DownloadUL Class) - http://www2.skoobidoo.com/softwares//Download_UL.cab
O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -
O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} - http://cabs.roings.com/cabs/mmed.cab
O16 - DPF: {EB6AFDAB-E16D-430B-A5EE-0408A12289DC} - http://download.fordaleltd.com/install/setup.cab
O18 - Protocol hijack: cn - {9346A6BB-1ED0-4174-AFB4-13CD4EC0AA40}
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVP Control Centre Service - Kaspersky Labs. - C:\Programme\Kaspersky\avpcc.exe
O23 - Service: KAV Monitor Service - Kaspersky Labs. - C:\Programme\Kaspersky\avpm.exe
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: StyleXPService - Unknown - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: X10 Device Network Service - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

How am I supposed to post the eScan log file for you when it is so big?! S0RceReR |
What did eScan find, and where? "Open mwav.log (or mwXface.log) -> Edit -> Find -> enter infected or tagged -> Find Next -> select/copy the hits and paste them into the forum." (quote from Cidre) Please post the following from mwav.log (it is at the very end): Quote:
btw: the log file looks catastrophic. If you want to save time, you can also just do this right away. |
File C:\PROGRA~1\COMMON~2\Toolbar\cnbabe.dll infected by "not-a-virus:AdWare.CommonName.c" Virus. Action Taken: No Action Taken.
File C:\PROGRA~1\COMMON~2\Toolbar\comwiz.exe infected by "not-a-virus:AdWare.CommonName.b" Virus. Action Taken: No Action Taken.
File C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe infected by "not-a-virus:AdWare.CommonName.i" Virus. Action Taken: No Action Taken.
File C:\PROGRA~1\wwpwsuxw\MgABAQcY.exe infected by "not-a-virus:AdWare.CommonName.g" Virus. Action Taken: No Action Taken.
File C:\PROGRA~1\COMMON~2\Toolbar\cnbabe.dll infected by "not-a-virus:AdWare.CommonName.c" Virus. Action Taken: No Action Taken.
File C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe infected by "not-a-virus:AdWare.CommonName.i" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\WebRebates_Auto_InstallSilent.exe infected by "not-a-virus:AdWare.WebRebates.b" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[10].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[11].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[12].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[13].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[14].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[15].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[1].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[2].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[2].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[3].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[3].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[4].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[4].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[5].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[5].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[6].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[6].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[7].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[7].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[8].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[8].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:10 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[9].exe
Sat Feb 05 13:09:10 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\11711[9].exe infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[1].chm infected by "Trojan-Downloader.JS.Weis.b" Virus. Action Taken: No Action Taken.

Part 2 is coming in a moment... |
Part 2:

File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[1].chm infected by "Trojan-Downloader.JS.Weis.b" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:44 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[2].chm
Sat Feb 05 13:09:44 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[2].chm infected by "Trojan-Downloader.JS.Weis.b" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:44 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[3].chm
Sat Feb 05 13:09:44 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[3].chm infected by "Trojan-Downloader.JS.Weis.b" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:44 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[4].chm
Sat Feb 05 13:09:44 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[4].chm infected by "Trojan-Downloader.JS.Weis.b" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:44 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[5].chm
Sat Feb 05 13:09:44 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\cr[5].chm infected by "Trojan-Downloader.JS.Weis.b" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[10].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[11].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[11].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[12].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[12].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[13].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[13].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[14].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[14].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[15].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[15].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[16].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[16].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[17].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[17].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[18].chm
Sat Feb 05 13:09:48 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[18].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:48 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[19].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[19].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[1].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[1].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[20].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[20].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[21].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[21].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[22].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[22].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[23].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[23].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[24].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[24].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[25].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[25].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[26].chm
Sat Feb 05 13:09:49 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[26].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:49 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[27].chm
Sat Feb 05 13:09:50 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[27].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:50 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[28].chm
Sat Feb 05 13:09:50 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[28].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:50 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[29].chm
Sat Feb 05 13:09:50 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[29].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:50 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[2].chm
Sat Feb 05 13:09:51 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[2].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:51 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[30].chm
Sat Feb 05 13:09:51 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[30].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.

Part 3 is coming in a moment... |
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[31].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:51 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[32].chm
Sat Feb 05 13:09:51 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[32].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:51 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[33].chm
Sat Feb 05 13:09:51 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[33].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:51 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[34].chm
Sat Feb 05 13:09:51 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[34].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:51 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[35].chm
Sat Feb 05 13:09:51 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[35].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:51 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[36].chm
Sat Feb 05 13:09:51 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[36].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:51 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[37].chm
Sat Feb 05 13:09:52 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[37].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:52 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[38].chm
Sat Feb 05 13:09:52 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[38].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:52 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[39].chm
Sat Feb 05 13:09:52 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[39].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:52 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[3].chm
Sat Feb 05 13:09:52 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[3].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:52 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[40].chm
Sat Feb 05 13:09:52 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[40].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:52 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[41].chm
Sat Feb 05 13:09:53 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[41].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:53 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[42].chm
Sat Feb 05 13:09:53 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[42].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:53 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[43].chm
Sat Feb 05 13:09:53 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[43].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:53 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[44].chm
Sat Feb 05 13:09:53 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[44].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:53 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[4].chm
Sat Feb 05 13:09:53 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[4].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:53 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[5].chm
Sat Feb 05 13:09:53 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[5].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:53 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[6].chm
Sat Feb 05 13:09:53 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[6].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:53 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[7].chm
Sat Feb 05 13:09:54 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[7].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:54 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[8].chm
Sat Feb 05 13:09:54 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[8].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:09:54 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[9].chm
Sat Feb 05 13:09:54 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\2X9INE50\eu[9].chm infected by "not-a-virus:PornWare.Dialer.Generic" Virus. Action Taken: No Action Taken.

The... no idea which number part is coming in a moment... |
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\7ASVNTK1\games3[1].cab infected by "Trojan.Win32.Dialui" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\LYKL3V5A\games3[1].cab infected by "Trojan.Win32.Dialui" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\LYKL3V5A\s722[1].zip infected by "Backdoor.Win32.SubSeven.22.a" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\Q5VCT4FE\ikw[1].exe infected by "not-a-virus:AdWare.CommonName.i" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\W1IFOHUN\games3[1].cab infected by "Trojan.Win32.Dialui" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\YXPY3MTS\POP[1].CHM infected by "Trojan-Downloader.VBS.Psyme.q" Virus. Action Taken: No Action Taken.
Sat Feb 05 13:45:31 2005 => Scanning File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\YXPY3MTS\POP[2].CHM
Sat Feb 05 13:45:31 2005 => File C:\DOKUME~1\Lukas\LOKALE~1\TEMPOR~1\Content.IE5\YXPY3MTS\POP[2].CHM infected by "Trojan-Downloader.VBS.Psyme.q" Virus. Action Taken: No Action Taken.

Final report: --->
Sat Feb 05 13:46:15 2005 => Total Files Scanned: 37833
Sat Feb 05 13:46:15 2005 => Total Virus(es) Found: 77
Sat Feb 05 13:46:15 2005 => Total Disinfected Files: 0
Sat Feb 05 13:46:15 2005 => Total Files Renamed: 0
Sat Feb 05 13:46:15 2005 => Total Deleted Files: 0
Sat Feb 05 13:46:15 2005 => Total Errors: 1
Sat Feb 05 13:46:15 2005 => Time Elapsed: 01:21:28
Sat Feb 05 13:46:15 2005 => Virus Database Date: 2005/02/05
Sat Feb 05 13:46:15 2005 => Virus Database Count: 117200

...and that's it already |
Before we try to clean the system, please do the following: Scan the file Quote:
If you cannot find the files, please change the following settings: In Windows Explorer -> Tools -> Folder Options -> the "View" tab -> Hidden files and folders -> enable "Show hidden files and folders" + In Windows Explorer -> Tools -> Folder Options -> the "View" tab -> Files and Folders -> disable "Hide protected operating system files (Recommended)" |
@haui45 we can skip that. msiexec16.exe is the Optix trojan. It has backdoor functionality. @s0rcerer your system is compromised; it is no longer trustworthy. Reinstall Windows and follow these instructions |
@Chris14 I read that too, but I want to be sure! Names mean nothing; any program can call itself whatever it wants! |
That point clearly goes to you. However, one can assume that it is one. But OK, let him scan. The probability is very high, though, that it is Optix. |
The probability is of course very high, since ordinary downloaders usually do not register themselves in system.ini or win.ini. |
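Added example, not part of the thread and not code from HijackThis: a small triage script for the two things the posts above single out in the HijackThis log, namely a program appended to `Shell=` in system.ini or set in `run=` in win.ini, and many Run values pointing at one binary. The function names and the threshold of three names are hypothetical; it assumes the stock values are `Shell=Explorer.exe` and an empty `run=`/`load=`. The sample lines are copied from the log posted in this thread.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
F0 - system.ini: Shell=Explorer.exe C:\windows\system32\msiexec16.exe
F1 - win.ini: run=C:\windows\system32\msiexec16.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVPCC] C:\Programme\Kaspersky\avpcc.exe /wait
O4 - HKLM\..\Run: [ZUVJYoEx] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [ZQVGXwov] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKLM\..\Run: [dAFHWcow] C:\PROGRA~1\wwpwsuxw\YcQABAgM.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Programme\TGTSoft\StyleXP\StyleXP.exe -Hide
"""

# F0/F1 sections: autostart values read from system.ini and win.ini.
F_ENTRY = re.compile(r"^(F[01]) - (system\.ini|win\.ini): (\w+)=(.*)$", re.I)
# O4 section: Run-key autostarts in the form "[value name] command line".
O4_ENTRY = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[([^\]]*)\] (.*)$")


def ini_autostart_findings(log_text):
    """Return (section, reason, value) for every non-default INI autostart."""
    findings = []
    for line in log_text.splitlines():
        m = F_ENTRY.match(line.strip())
        if not m:
            continue
        section, ini, key = m.group(1), m.group(2).lower(), m.group(3).lower()
        value = m.group(4).strip()
        if ini == "system.ini" and key == "shell":
            # Assumed default is exactly "Explorer.exe"; anything after it
            # is started together with the shell at every logon.
            first, _, extra = value.partition(" ")
            if first.lower() != "explorer.exe":
                findings.append((section, "Shell= replaced", value))
            elif extra.strip():
                findings.append(
                    (section, "extra program appended to Shell=", extra.strip())
                )
        elif ini == "win.ini" and key in ("run", "load") and value:
            # Assumed default is an empty value.
            findings.append((section, f"{key}= autostart", value))
    return findings


def repeated_run_targets(log_text, min_names=3):
    """Map each Run target to its value names when it has >= min_names names.

    One binary registered under many unrelated value names is a pattern the
    file name alone does not reveal, which is the point made in the thread
    that a program can call itself whatever it wants.
    """
    names_by_target = defaultdict(set)
    for line in log_text.splitlines():
        m = O4_ENTRY.match(line.strip())
        if m:
            names_by_target[m.group(4).lower()].add(m.group(3))
    return {
        target: sorted(names)
        for target, names in names_by_target.items()
        if len(names) >= min_names
    }


if __name__ == "__main__":
    for finding in ini_autostart_findings(SAMPLE_LOG):
        print(finding)
    for target, names in repeated_run_targets(SAMPLE_LOG).items():
        print(target, names)
```

A hit from either function only tells you where to look; the file itself still has to be located and scanned before drawing a conclusion.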
I did change the settings, but I still can't find the file! |
I only have one without the 16... so just msiexec.exe ... |
Have you, or Kaspersky, perhaps already deleted the file at some point? (Also read through the Kaspersky logs.) Quote:
|
Um... no idea whether I deleted it at some point, but where do I find the Kaspersky log file? |
Copyright ©2000-2024, Trojaner-Board