Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virenproblem (https://www.trojaner-board.de/23368-virenproblem.html)

kleinerdackel 05.11.2005 21:50
Virenproblem
 
Moin, also ich hab folgendes Problem: Ich habe seit einiger Zeit ein paar Viren auf meinem Computer die verhindern das ich mehrere Programme auf C richtig ausführen kann. Wenn ich dann mit Spybot meinen Computer checke, kommt auch heraus das einige Viren da sind. Ok, alle gelöscht, aber wenn ich danach den Virencheck nochmal mache sind die Dinger schon wieder da. Habs auch schonmal im abgesicherten Modus probiert, aber da findet Spybot nichts mehr.
Hat irgendjemand ne Ahnung wie ich die Dinger loswerde ohne gleich meinen Computer neu auflegen zu müssen?

chaosman 05.11.2005 22:33
@kleinerdackel
poste bitte ein HJT logfile
http://www.trojaner-board.de/showthread.php?t=17493

chaosman

kleinerdackel 05.11.2005 23:01
Logfile of HijackThis v1.99.1
Scan saved at 22:57:42, on 05.11.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\ICQLite\ICQLite\ICQLite.exe
C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
C:\Programme\Mozilla1.7.8\Mozilla.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.piranha-bytes.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ICQ Lite] C:\Programme\ICQLite\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Mozilla Quick Launch] "c:\Programme\Mozilla1.7.8\Mozilla.exe" -turbo
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Xfire.lnk = C:\Programme\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Google-Suche - res://c:\programme\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://c:\programme\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://c:\programme\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://c:\programme\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Ähnliche Seiten - res://c:\programme\google\GoogleToolbar2.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Broken Internet access because of LSP provider 'c:\programme\bonjour\mdnsnsp.dll' missing
O23 - Service: Bonjour Dienst (Bonjour Service) - Unknown owner - C:\Programme\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Unknown owner - C:\Programme\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

kleinerdackel 11.11.2005 15:33
Muss ich eigentlich erwähnen das es wichtig ist?

kleinerdackel 13.11.2005 16:30
Also es ist wirklich wichtig.....

Haui45 13.11.2005 16:38
Hallo,

dein Thread ist wohl irgendwie untergegangen. :kloppen:

Ich kann im Log nicht schlechtes entdecken (die O9-Einträge -> Related könntest du fixen). Eine Ausnahme macht der Zustand deines Betriebssystems: Das Service Pack 2 sowie weitere wichtige Updates fehlen!

Was hat Spybot S&D gefunden?

Führe bitte einen Scan mit eScan durch und poste die Ergebnisse.

kleinerdackel 19.11.2005 17:28
Das ganze Ding ist zu groß, also post ich nur die infected

Sat Nov 19 15:54:52 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sat Nov 19 15:54:52 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sat Nov 19 15:54:52 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.

Sat Nov 19 15:54:58 2005 => ***** Scanning Registry for errors created because of Adware/Spyware *****
Sat Nov 19 15:55:03 2005 => Entry "HKCR\CLSID\{E0B8F398-BB08-4298-87F0-34502693902E}" refers to invalid object ""C:\Programme\Messenger\msmsgs.exe"". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\CLSID\{E3A3B1D9-5675-43c0-BF04-37BE11939FB7}" refers to invalid object ""C:\Programme\Messenger\msmsgs.exe"". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\TypeLib\{218CB45F-20B6-11d2-8E17-0000F803A446}" refers to invalid object "C:\Programme\Messenger\msmsgs.exe". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\TypeLib\{46BC1593-FE6B-419C-922D-AF3591AED129}" refers to invalid object "C:\Programme\iPod\bin\iPodService.exe". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\TypeLib\{53CED51D-432B-45b2-A3E0-0CE2C24235D4}" refers to invalid object "C:\Programme\Messenger\msmsgs.exe". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\TypeLib\{B2973F5E-C33E-4C94-8989-221CEEB8DC23}" refers to invalid object "C:\Programme\Messenger\msmsgs.exe". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\TypeLib\{E02AD29E-80F5-46c6-B416-9B3EBDDF057E}" refers to invalid object "C:\Programme\Messenger\msmsgs.exe". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\TypeLib\{F949CCC7-D49B-4A48-B3C3-4C10DEC5F75C}" refers to invalid object "C:\Programme\TGTSoft\StyleXP\StyleXPService.exe". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\.cab" refers to invalid object "WinRAR". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\.gz" refers to invalid object "WinRAR". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\.tar" refers to invalid object "WinRAR". Action Taken: No Action Taken.

Sat Nov 19 15:55:03 2005 => Entry "HKCR\.tgz" refers to invalid object "WinRAR". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.z" refers to invalid object "WinRAR". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.z2" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.z3" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zip" refers to invalid object "WinRAR.ZIP". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zma" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmb" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmc" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmd" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zme" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmf" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmg" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmh" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmi" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmj" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmk" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zml" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmm" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmn" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmo" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmp" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmq" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmr" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zms" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmt" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmu" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmv" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmw" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmx" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmy" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zmz" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn0" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn1" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn2" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn3" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn4" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn5" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn6" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn7" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn8" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zn9" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zna" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.znb" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.znc" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.znd" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zne" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.znf" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zng" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.znh" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.zni" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\.znj" refers to invalid object "ZAMailSafe". Action Taken: No Action Taken.

Sat Nov 19 15:55:04 2005 => Entry "HKCR\ed2k\shell\open\command" refers to invalid object ""C:\Dokumente und Einstellungen\wandapanda\Desktop\emule.exe" "%1"". Action Taken: No Action Taken.

Sat Nov 19 16:06:26 2005 => File C:\Dokumente und Einstellungen\wandapanda\Anwendungsdaten\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-3dbcfe4d-21103f99.zip infected by "Exploit.Java.ByteVerify" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\A0411228.EXE.VIR
Sat Nov 19 16:10:17 2005 => File C:\Programme\AVPersonal\INFECTED\A0411228.EXE.VIR infected by "Trojan-Downloader.Win32.Wintool.d" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.001
Sat Nov 19 16:10:17 2005 => File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.001 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.002
Sat Nov 19 16:10:17 2005 => File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.002 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.003
Sat Nov 19 16:10:17 2005 => File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.003 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.004
Sat Nov 19 16:10:17 2005 => File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.004 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.005
Sat Nov 19 16:10:17 2005 => File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.005 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.VIR
Sat Nov 19 16:10:17 2005 => File C:\Programme\AVPersonal\INFECTED\DNHNLLATA.EXE.VIR tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:17 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\init32m.VIR
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\init32m.VIR infected by "Trojan-Downloader.Win32.Agent.ho" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.001
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.001 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.002
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.002 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.003
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.003 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.004
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.004 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.005
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.005 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.006
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.006 tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.VIR
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\LTHLLPCC.EXE.VIR tagged as "not-a-virus:AdWare.Win32.Gator.a". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\optimize.VIR
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\optimize.VIR infected by "Trojan-Downloader.Win32.Dyfuca.dk" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\optimize.VIR00
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\optimize.VIR00 infected by "Trojan-Downloader.Win32.Dyfuca.dk" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\saap.VIR
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\saap.VIR tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\saap.VIR00
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\saap.VIR00 tagged as "not-a-virus:AdWare.Win32.180Solutions". Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR00
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR00 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR01
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR01 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR02
Sat Nov 19 16:10:18 2005 => File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR02 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:18 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR03
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR03 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR04
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SECURITY.VIR04 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR00
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR00 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR01
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR01 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR02
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR02 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR03
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR03 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR04
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR04 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR05
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\SVCHOST.VIR05 infected by "Trojan.Win32.WebSearch.j" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\WINPROMO[1].EXE.001
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\WINPROMO[1].EXE.001 infected by "Trojan-Dropper.Win32.Small.hu" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\WINPROMO[1].EXE.VIR
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\WINPROMO[1].EXE.VIR infected by "Trojan-Dropper.Win32.Small.hu" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\WINPROMO[2].EXE.VIR
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\WINPROMO[2].EXE.VIR infected by "Trojan-Dropper.Win32.Small.hu" Virus! Action Taken: No Action Taken.

Sat Nov 19 16:10:19 2005 => Scanning File C:\Programme\AVPersonal\INFECTED\WTOOLSS.EXE.VIR
Sat Nov 19 16:10:19 2005 => File C:\Programme\AVPersonal\INFECTED\WTOOLSS.EXE.VIR infected by "Trojan-Downloader.Win32.Wintool.b" Virus! Action Taken: No Action Taken.

kleinerdackel 20.11.2005 16:28
Ich möchte nochmals erwähnen das es WICHTIG ist^^

Haui45 20.11.2005 18:03
...und ich möchte erwähnen, dass wir es gerne sehen wenn die Anleitungen GENAU beachtet werden (-> Find.bat). ;)

Leere den Quarantäne-Ordner von AntiVir.
Lösche den Java-Cache.
Bereinige deine Registry, z.B. mit RegSeeker (vorher sichern nicht vergessen!)
Aktualisiere dein Betriebssystem!


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:56 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129