Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Hilfe - Rechner verseucht (https://www.trojaner-board.de/17637-hilfe-rechner-verseucht.html)

heintje34 10.05.2005 09:36
Hilfe - Rechner verseucht
 
Hallo,

mein WinXP-System scheint seit Anfang Mai arg mit Viren befallen zu sein. Ich habe das System mit dem Microworld Antivirus und Spyware Toolkit Utility gecheckt und dabei wurden mind. 59 Viren gefunden!. Anbei die Virus Log Information. Was kann ich tun???? Ich habe keine Erfahrung. EIn nicht schliessbares Sophosfenster eird ständig angezeigt mit der Meldung: Troj/Dloader-HW gefunden in c:windows\system32\elitenif32.exe. DIese Datei ist aber nicht auf dem Rechner zu finden.
Vielen Dank

File C:\WINDOWS\ELITET~1\ELITET~1.DLL infected by "not-a-virus:AdWare.ToolBar.EliteBar.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ELITES~1\ELITES~1.DLL infected by "not-a-virus:AdWare.ToolBar.EliteBar.z" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ELITET~1\ELITET~1.DLL infected by "not-a-virus:AdWare.ToolBar.EliteBar.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ELITES~1\ELITES~1.DLL infected by "not-a-virus:AdWare.ToolBar.EliteBar.z" Virus. Action Taken: No Action Taken.
File System Found infected by "ElitebarBHO Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ElitebarBHO Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Favoriteman Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "NetPal Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "NetPal Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "istbar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "kazaa Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "xhrmy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "EliteBar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "EliteBar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "EliteBar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "DMO Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "farmmext Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "farmmext Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "farmmext Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\localNRD.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\preInsln.exe infected by "not-a-virus:AdWare.BiSpy.o" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\ATPartners.dll infected by "not-a-virus:AdWare.F1Organizer.c" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\a_i_037.dll infected by "Trojan-Downloader.Win32.IstBar.iu" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\a_i_037.exe infected by "Trojan-Downloader.Win32.IstBar.iu" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitedoolsav.dat infected by "not-a-virus:AdWare.ToolBar.EliteBar.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\in10b6s.dll infected by "Trojan-Dropper.Win32.Small.tz" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\lmf32v.dll infected by "not-a-virus:AdWare.Suggestor.g" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\MB.dll infected by "Trojan-Dropper.Win32.Small.so" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\saie321.dll infected by "Trojan-Dropper.Win32.Small.nj" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\shawn_1.dll infected by "not-a-virus:AdWare.ToolBar.EliteBar.ac" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Admin\LOKALE~1\Temp\Del34.tmp infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Admin\LOKALE~1\Temp\suicidetb.exe infected by "not-a-virus:AdWare.ToolBar.EliteBar.ac" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Admin\LOKALE~1\Temp\THI53D6.tmp\localNRD.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Admin\LOKALE~1\Temp\THI53D6.tmp\preInsln.exe infected by "not-a-virus:AdWare.BiSpy.o" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Admin\LOKALE~1\TEMPOR~1\Content.IE5\05UVC1Y3\sideb[1].exe infected by "not-a-virus:AdWare.ToolBar.EliteBar.z" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Admin\Desktop\divx\mp3codec.zip tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Temp\Del34.tmp infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Temp\suicidetb.exe infected by "not-a-virus:AdWare.ToolBar.EliteBar.ac" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Temp\THI53D6.tmp\localNRD.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Temp\THI53D6.tmp\preInsln.exe infected by "not-a-virus:AdWare.BiSpy.o" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Temporary Internet Files\Content.IE5\05UVC1Y3\sideb[1].exe infected by "not-a-virus:AdWare.ToolBar.EliteBar.z" Virus. Action Taken: No Action Taken.
File C:\Programme\MBKWBar\IEToolBar.dll infected by "not-a-virus:AdWare.ToolBar.MBKWBar.a" Virus. Action Taken: No Action Taken.
File C:\Programme\MBKWBar\MBKWBar.exe infected by "not-a-virus:AdWare.ToolBar.MBKWBar.a" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0ED0884A-2F4F-4710-AC9E-42C40FBCE139}\RP61\A0035619.EXE infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0ED0884A-2F4F-4710-AC9E-42C40FBCE139}\RP61\A0036165.exe infected by "not-a-virus:AdWare.Suggestor.g" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\localNRD.dll infected by "not-a-virus:AdWare.BiSpy.t" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\preInsln.exe infected by "not-a-virus:AdWare.BiSpy.o" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\ATPartners.dll infected by "not-a-virus:AdWare.F1Organizer.c" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\aux\server\pskill.exe tagged as not-a-virus:NetTool.PsKill. No Action Taken.
File C:\WINDOWS\system32\a_i_037.dll infected by "Trojan-Downloader.Win32.IstBar.iu" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\a_i_037.exe infected by "Trojan-Downloader.Win32.IstBar.iu" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitedoolsav.dat infected by "not-a-virus:AdWare.ToolBar.EliteBar.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\in10b6s.dll infected by "Trojan-Dropper.Win32.Small.tz" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\lmf32v.dll infected by "not-a-virus:AdWare.Suggestor.g" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\MB.dll infected by "Trojan-Dropper.Win32.Small.so" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\saie321.dll infected by "Trojan-Dropper.Win32.Small.nj" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\shawn_1.dll infected by "not-a-virus:AdWare.ToolBar.EliteBar.ac" Virus. Action Taken: No Action Taken.

Rene-gad 10.05.2005 11:10
@heintje34
Zitat:
Troj/Dloader-HW gefunden in c:windows\system32\elitenif32.exe. DIese Datei ist aber nicht auf dem Rechner zu finden.
Bitte Dateien richtig suchen ;). Systemwiederherstellung abschalten . In abgesicherten Modus wechseln. Dieses Bereinigungsprogramm hilft dir, den ganzen Müll aus den Temp-Ordner und Papierkorb zu entfernen
Zitat:
C:\WINDOWS\ELITET~1\ELITET~1.DLL
C:\Programme\MBKWBar\MBKWBar.exe
Fett markierte Ordner samt Inhalte löschen.
Zitat:
C:\WINDOWS\localNRD.dll
C:\WINDOWS\preInsln.exe
C:\WINDOWS\system32\ATPartners.dll
C:\WINDOWS\system32\a_i_037.dll
C:\WINDOWS\system32\a_i_037.exe
C:\WINDOWS\system32\elitedoolsav.dat
C:\WINDOWS\system32\in10b6s.dll
C:\WINDOWS\system32\lmf32v.dll
C:\WINDOWS\system32\MB.dll
C:\WINDOWS\system32\saie321.dll
C:\WINDOWS\system32\shawn_1.dll
C:\WINDOWS\system32\aux\server\pskill.exe
Dateien löschen.
HJT und eScan wiederholen.

heintje34 10.05.2005 14:00
@rene-gad

vielen Dank erstmal für deine Hilfe. Ich bin dadurch schon etwas weiter gekommen.
Nach Veränderung der Searcheinstelllungen konnte ich alle von Dir angegebenen Dateien und Ordner entfernen bis auf C:\WINDOWS\ELITET~1\ELITET~1.DLL und C:\WINDOWS\system32\elitedoolsav.dat. Ausserdem ist auch die Datei c:windows\system32\elitenif32.exe immer noch nicht zu sehen. Woran kann das liegen?
Spyhunter findet unter anderem die Elitetoolbar, kann das Problem aber nicht beseitigen, da keine Vollversion
Microworld Antivirus und Spyware Toolkit Utility findet jetzt nur noch 18 Viren:

File C:\WINDOWS\ELITET~1\ELITET~1.DLL infected by "not-a-virus:AdWare.ToolBar.EliteBar.ae" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ELITES~1\ELITES~1.DLL infected by "not-a-virus:AdWare.ToolBar.EliteBar.z" Virus. Action Taken: No Action Taken.
File C:\windows\system32\elitenif32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File System Found infected by "ElitebarBHO Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "ElitebarBHO Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "Favoriteman Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "NetPal Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "NetPal Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "istbar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "kazaa Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "xhrmy Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "EliteBar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "EliteBar Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "DMO Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "farmmext Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "farmmext Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "farmmext Spyware/Adware" Virus. Action Taken: No Action Taken.



Was ist HJT?

felix1 10.05.2005 14:32
Gehe nach dieser Anleitung vor:
http://www.trojaner-board.de/showthread.php?t=17493


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:11 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131